Saturday, February 12, 2011

Computer Warfare

This is a great story. Have you heard of the Stuxnet Worm? Ever wonder what it did?

Here's the short version. The Stuxnet worm was a computer virus that spread widely across the Internet but didn't appear to do much of anything. But it turns out that Stuxnet was actually a very highly focused online attack against Iran's nuclear program.

Who created Stuxnet? How was it designed to only damage certain PLCs in certain configurations? Check out this article, from the New York Times:
"Stuxnet Worm Used Against Iran Was Tested in Israel" by William J. Broad, John Markoff, and David E. Sanger
http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?_r=2&adxnnl=1&src=twt&twt=nytimes&pagewanted=all&adxnnlx=1297440152-ypt5/fid82jbR1UhCP5sBg

What a story! Creating such an attack involved not only a lot of computer programming, but it required physically modeling the devices and specific configurations of those devices to be attacked. And that made all the difference.

"The biggest single factor in putting time on the nuclear clock appears to be Stuxnet, the most sophisticated cyberweapon ever deployed."

"...the worm only kicked into gear when it detected the presence of a specific configuration of controllers, running a set of processes that appear to exist only in a centrifuge plant. 'The attackers took great care to make sure that only their designated targets were hit,' he [Langer] said. 'It was a marksman’s job.'"

"This was not the work of hackers, he [Langer] quickly concluded. It had to be the work of someone who knew his way around the specific quirks of the Siemens controllers and had an intimate understanding of exactly how the Iranians had designed their enrichment operations."

Here is another great paragraph in the article:
"The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart."

Note that creating such a weapon involved causing the centrifuges operate in a way that they would damage themselves. But the worm also had to trick the system into sending "normal" readings back to operators so they couldn't react to various safety warnings. Really amazing work.

So, who created Stuxnet? You be the judge:
"Officially, neither American nor Israeli officials will even utter the name of the malicious computer program, much less describe any role in designing it. But Israeli officials grin widely when asked about its effects."

"By the accounts of a number of computer scientists, nuclear enrichment experts and former officials, the covert race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British."

No comments:

Post a Comment