Cyber warfare has been the talk of science fiction for ages. This past June the world may have seen its first real signs of what cyber warfare is about: an innovative new worm called Stuxnet.
While the worm was first reported in June, a time-stamp in the programming states its release as early as February. The origin of the worm is unknown, but it seems to have been targeted toward Iran, specifically its nuclear program. It is assumed that the program damaged some turbines in a new nuclear power facility. This assumption comes from a sudden drop in the number of centrifuges online. For Iran, the number went from 4,700 to 3,900.
The virus itself is described as one of the most complex viruses to date. Speculation has run rampant that the virus could only have been created by a nation-state. The programmers working on the virus would have to be well-funded. They would also have needed a way to check the virus prior to releasing it. According to Siemens’ experts, the virus would take many months, if not years, to create and test. This shows a level of sophistication that most viruses lack. How it attacks is different and innovative: it messes with the programmable logic controllers. These controllers set the basic operation parameters for various systems. The program disables the ability of the attacked program to send any warning messages and typically hides its action pretty well.
The virus is thought to have entered Iran through a flash drive brought in by Russian contractors. The official Iranian state-run newspaper claims the virus has only been on personal computers and that no serious damage has been done to state-run programs. The virus only attacks a specific program, and it does so by making use of four separate exploits in Windows software. This is unusual, as most worms and viruses only make use of a single exploit instead of wasting such a large number. The virus also has embedded security certificates, which is why it took so long to discover.
The virus is unique in that it can be updated via peer-to-peer. This allows Stuxnet to continue to evolve and change even as programmers all over the world try to come up with a way to eliminate the program entirely. Siemens SCADA anti-virus is thought to be the one means by which the worm keeps updating itself. Iran is encouraging its Internet users not to use the SCADA anti-virus, as some of the code appears to update and patch Stuxnet.
Stuxnet is the future of cyber warfare, though it has more than likely run its course. Even as it continues to spread, the intricate programming for the worm has only been fractionally decoded and it continues to wreak havoc. The Internet will be the next battleground as more and more countries become reliant on computer systems to run the most basic things. While Stuxnet means nothing for most consumers, it does signal something broader: a ramping up in the cyber arms race. It will only be a matter of time before one of these new cyber weapons begins to affect the everyday lives of people.