Experts: Stuxnet is a military-grade cyber weapon aimed at Iran

stuxnet worm spreads via thumb drives

The Stuxnet worm is a new cyber weapon that avoided Internet security by spreading via thumb drives to seek and destroy a specific target. Image: CC robertnelson/Flickr

Stuxnet is a worm being described as the most sophisticated malware ever detected. It has amazed computer security experts worldwide. They believe that Stuxnet developers created the worm as a search and destroy weapon for sabatoge. The cybersecurity experts say that only a nation-state, not a band of rogue hackers, would have the time, money and talent to develop a worm with the complexity of Stuxnet. Instead of spreading indiscriminately via the Internet, Stuxnet migrates through thumb drives and printer spoolers to seek out a specific software program used in factories, power plants and water systems. Stuxnet has turned up most often in Iran, which leads some to believe it was designed to attack the controversial Bushehr nuclear power plant.

Did Stuxnet sabotage Bushehr reactor?

Stuxnet was first detected in June. The Christian Science Monitor reports that the worm’s complexity and encryption has dumbfounded computer security experts. Stuxnet is the first malware discovered that targets, infiltrates and takes control of software used to run chemical plants, factories, power plants and electric grids worldwide. Cybersecurity researcher Ralph Langler told the Monitor that Stuxnet is a precision, military-grade cyber missile deployed to seek  and destroy one high value target. Langer suggests that target has already been hit: Iran’s Bushehr nuclear power plant. Bushehr’s scheduled startup in August has been delayed for unknown reasons.

How Stuxnet seeks and destroys

About 45,000 computer systems have been infected by Stuxnet worldwide. The Daily Mail reports that the worm targets computer systems that aren’t connected to the Internet for security reasons. Instead, it infects PCs running Microsoft Windows via USB thumb drives. No clicking or keying is required for Stuxnet to hijack a PC. Once embedded, Stuxnet seeks out software developed by Siemens that runs industrial control systems. It attacks by reprogramming software to give industrial machinery new, supposedly dangerous instructions. Experts say Stuxnet is capable of taking control of key processes to set off a sequence that makes an entire system self-destruct.

Stuxnet launches new era of cyber warfare

Stuxnet has set off alarms because of the complexity its code and the wide array of different techniques bundled into one package. Liam O’Murchu of Symantec, who tracked the worm since it was detected, told BBC News that Stuxnet uses a lot of new techniques never seen before that allowed it to spread. The worm exploits several previously unknown, unpatched Windows vulnerabilities. O’Murchu said Stuxnet was a very big, well-planned, well-funded project. In an analysis on his website, Langer said Stuxnet is a directed sabotage attack involving heavy insider knowledge. “This is not some hacker sitting in the basement of his parents’ house,” he wrote. “To me, it seems that the resources needed to stage this attack point to a nation state.”

Other recent posts by bryanh