Stuxnet is World's First Cyber Super Weapon

Source: Tom's Guide US | 55 comments

More than just some harmless hacking.

Back in June, a security firm in Belarus discovered the Stuxnet worm on the computers of some Iranian customers. Stuxnet is believed to have infected over 100,000 computers worldwide, and some are speculating that the worm is aimed at disrupting Iran’s nuclear program, as 60 percent of infected machines are there.

Wired reports that Stuxnet is designed to attack the Siemens Simatic WinCC SCADA system. These SCADA systems are installed in big facilities (like nuclear plants and utility companies) to manage operations. It's taken researchers three months to come to a conclusion as to what Stuxnet's creator had in mind when it was written. Experts now say that the worm is designed for sabotage and that the level of sophistication behind it suggests it may have had the support of a government or state-run organization.

Frank Rieger, chief technology officer at GSMK, told Bloomberg that the building of Stuxnet would have cost at least $3 million and taken a team of 10 programmers six months to complete.

"All the details so far to me scream that this was created by a nation-state," Rieger told Bloomberg in an interview.

Stuxnet works by infecting Windows machines and then spreading itself to additional machines via infected USB drives, searching for a way to reach the network's PLC (programmable logic controller). Stuxnet can then take control of the PLC and potentially alter the commands it sends through to machinery.

Over the weekend, Iranian officials confirmed that 30,000 IP addresses in the country are infected with the malware. There has also been an enormous amount of speculation that computers at Iran's Bushehr power plant have been infected. Though the AFP cites Bushehr project manager Mahmoud Jafari as saying the virus has not caused any damage to the main systems of the plant, Jafari did say Stuxnet had been found on the personal computers of some of the staff. ComputerWorld also notes that yesterday the website of Iran's Atomic Energy Organization included a link to a story on Stuxnet that cited government officials who said "serious damage that caused damage and disablement" had been reported.

Siemens has released a detection and removal tool and advises against the use of third-party USB sticks.

Top Comments
  • 24
    JasonAkkerman , September 27, 2010 4:18 PM
    LOL @ $3 million dollars, 10 programmers, and six months...

    I design and program industrial control systems, including a number of other SCADA systems, PLCs, and DCSs. Trust me, it's not hard to screw them up. You think software crashes are a hassle? Try working in my field where it's an accepted common occurrence (at least during development). Poorly written code and network infrastructures open the door to any number of ways to attack a control system. For that reason they are usually completely disconnected from the internet, or other networks connected to the internet. Hence they needed a USB stick to get the virus in.
  • 23
    COLGeek , September 27, 2010 4:09 PM
    This is only the beginning of where cyber-warfare will go. Easy to escalate. Hard (as in impossible) to completely stop. This will get weird and painful as a result of unintended consequences.
  • 19
    Trueno07 , September 27, 2010 4:27 PM
    wymer100: Another reason not to use Windows, especially for critical functions.

    If Iran used Linux I'm sure that wouldn't have stopped the hackers. Nothing can stop them.
Other Comments
  • 12
    Nightsilver , September 27, 2010 4:13 PM
    COLGeek: This is only the beginning of where cyber-warfare will go. Easy to escalate. Hard (as in impossible) to completely stop. This will get weird and painful as a result of unintended consequences.

    My thoughts exactly. Doesn't matter who threw this punch, the internet's about to explode.
  • -6
    mlopinto2k1 , September 27, 2010 4:15 PM
    All of these attacks should not be broadcast. They should be dealt with swiftly and silently. It is only inviting more attacks, giving amateurs "ideas".. don't ask, don't tell.
  • -1
    Anonymous , September 27, 2010 4:23 PM
    PLCs can be used for emergency shutdowns. The DCSs are used for normal day-to-day control. If the worm was aimed at PLCs and not DCSs, that's a very strategic choice.
  • -5
    adaman2576 , September 27, 2010 4:31 PM
    Stuxnet. Don't you mean Skynet?
  • 10
    Trialsking , September 27, 2010 4:31 PM
    Like this was some big surprise. It's the 21st century, and this IS the future of warfare. Rayguns and Halo Spartan armor are not a future reality that is practical; it's cyberwarfare on infrastructure. Why go head to head in an obvious open military conflict with all the political problems associated with that? Just look at the "war of terror"; the battle lines are being rewritten as we speak.
  • -3
    Lewis57 , September 27, 2010 4:33 PM
    Trueno07: If Iran used Linux I'm sure that wouldn't have stopped the hackers. Nothing can stop them.

    Although true, it's safe to say if you get a random IP, it's connected to Windows in some way, so create a Windows-based virus. It would be logical for most computers to run Windows and then the critical machines to run a random Linux distro; if the Windows machines got infected, the critical machines wouldn't be infected.
  • -6
    milktea , September 27, 2010 4:36 PM
    No doubt the US is trying to disrupt Iran's nuclear operation.
    The US Government needs to do a better job in hiding their secret Cyber Wormpon.
    Their first target should be the security firm in Belarus.
  • -6
    formin , September 27, 2010 4:37 PM
    if u control the power u got the power to control
  • 10
    mrmotion , September 27, 2010 4:40 PM
    You know every nation state employs hackers. Iran just needs a better team... lol
  • -5
    tony_latino , September 27, 2010 4:52 PM
    First, if this is the United States trying to attack Iran then this is a complete PR disaster and intelligence failure. The CIA should have had their ear to the ground and once word of the virus discovery was made, the person who discovered it should have been approached (as in given a large sum of money) to STFU and let the worm do its job.

    Secondly, I always wondered why the US government does not do more cyber attacks. Terrorists use websites to boast of their conquests and communicate Jihad to others. Why can't we just disable those webservers in a targeted DoS attack?

    Oh well - yet another intelligence snafu - sad really.
  • 7
    husker , September 27, 2010 4:55 PM
    Quote: Frank Rieger, chief technology officer at GSMK, told Bloomberg that the building of Stuxnet would have cost at least $3 million and taken a team of 10 programmers six months to complete.

    I wonder how they arrived at that number? Other than paying 10 programmers 300K each for 6 months' work, what significant costs could there be?
  • 2
    _tus_ , September 27, 2010 5:04 PM
    If it was the US it would actually be beneficial to us for it to be discovered. Our military doctrine is based upon the threat of what we can do to you, which is backed up by the actual fact that we can pull it off. Iran has been sittin there all secure like because they feel we can't touch them conventionally. Now think of what must be going through their heads when they know we don't even have to put men on the ground to affect them. Think of it as a deterrence... one that we never have to actually admit to. Hell, I would suspect that if we really wanted to screw w/ their systems we wouldn't have done it in this manner.
  • -6
    Zingam , September 27, 2010 5:05 PM
    Infecting the computers of a nuclear power plant is the worst kind of terrorism. And if that has been done by US or Israel... I have nothing else to say. Deeds speak for themselves.
  • 1
    cscott_it , September 27, 2010 5:16 PM
    From all of the other reports I've read, it would seem that Israel is the most likely candidate and the source that all fingers are pointing to (both in Iran and abroad).

    It's actually not uncommon for viruses to target specific infrastructure-related PCs. However, they are normally only used for monitoring. Israel has successfully done this a number of times; this would, however, be the first attempt to disrupt operations. At least, that has been launched by a city-state/government.

    As far as the whole Linux vs. Windows thing goes, nothing is perfect, and with the resources and programming power that developed Stuxnet, it would have happened to whatever OS was on the machine, so long as it was on a network with computers that could reach the internet.