Stuxnet–An Interesting Piece of Software Writing…

“This is the way the world ends…not with a bang but a whimper.” – TS Eliot

A significant computer security exploit, known as Stuxnet, was released last year against the Iranian nuclear power and weapons programs. It was very cleverly written and extremely well targeted.

Today, there was a post on Good Morning Silicon Valley that I have copied below:

“The idea behind Stuxnet computer worm is really quite simple. We don’t want Iran to get the bomb.”

Ralph Langner, a German cybersecurity expert, speaking Thursday at the TED Conference in Long Beach, Calif.

Stuxnet, which attacks utilities and other critical infrastructures, was discovered last year after it infected the computer systems of an Iranian nuclear plant.  The worm, which has been studied by companies such as Microsoft — it exploits security holes in Windows — and security companies from Silicon Valley-based Symantec to Russia-based Kaspersky Lab, has attacked elsewhere. But a new article in the April issue of Vanity Fair zeroes in on the attacks on Iran’s nuclear plant, and explores the theories that the sophistication of the worm — “the first known virus that, released into the wild, can seek out a specific target, sabotage it, and hide both its existence and its effects until after the damage is done” — and the timing of the attacks appear to have been designed to hinder Iran’s nuclear program. Langner and others, including Frank Rieger, a member of the Germany-based human-rights tech group CCC (Chaos Computer Club), suspect that the U.S. and Israel, and perhaps another country, collaborated to develop what Vanity Fair writer Michael Joseph Gross has dubbed “the Hiroshima of cyberwar.”

An earlier post on GMSV said:

“An electronic war has been launched against Iran.”

Mahmoud Liayi, head of the information technology council at Iran’s ministry of industries, on a worm that has infected the computer systems at that country’s first nuclear power plant. The Stuxnet worm, which also has been found in India and Indonesia, targets SCADA (supervisory control and data acquisition) systems, such as utilities or other infrastructure controls, by exploiting security holes in Microsoft’s Windows. Security researchers from Symantec and Kaspersky Lab disagree about when the Stuxnet worm first attacked (January or July), but they do agree that its scope and sophistication — and whose existence is referred to by a Forbes contributing writer as a “game-changer” — make it likely that it was government-backed, according to Computerworld. A cybersecurity expert quoted by the Wall Street Journal says suspects include the U.S., U.K., and Israel.

Well, if you are going to war against another country, screwing with their computers and control systems beats bombing them to oblivion, I guess. I think that the world will be a cold and dark place once this exploit is turned loose on everyone.

I always believed that Israel and the US were the most likely sponsors of this well-written computer exploit. But then again, the Russians have something to worry about with a nuclear Iran right next door, and their coders are nothing to sneer at either.

What makes this exploit so interesting is that it appears to be a cyberattack launched by one government against another. This is probably not the first time this has happened, but it sure is one of the most publicized. Hmmmm… curiouser and curiouser.


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
