Stuxnet’s evil twin highlights the very real threat of cyber-warfare


Knowledge of the deadly Stuxnet worm that wreaked havoc with Iran’s nuclear infrastructure has been public for more than three years now, but cybersecurity experts continue to stumble upon new revelations – with the latest one being that Stuxnet had an older, and far more evil, ‘twin’.

An in-depth report from Foreign Policy’s Ralph Langner lifts the lid on the origins of the older Stuxnet, which infected Iran’s nuclear facilities as early as 2007 and was in fact far more powerful than its later variant. Previously, researchers thought that Stuxnet was essentially pretty crude in its methods – simply causing the centrifuges at Iran’s Natanz uranium-enrichment plant to spin too fast and break down.

That may be true of the newer variant of Stuxnet, but Langner’s research suggests that the older Stuxnet worm was far more sophisticated, damaging the centrifuges by blocking the gas outflow from them, resulting in a buildup of pressure that wrecked equipment. The worm was so sneaky that it even managed to hide what it was doing, looping 21 seconds of its sensor values so that those overseeing the facility wouldn’t realize the pressure was building up.

Why the attackers would adopt such a clandestine method at first, only to take a brute force approach later, remains unclear, but as Langner points out: “The dramatic differences between both versions point to changing priorities that most likely were accompanied by a change in stakeholders.”

There are still plenty of unanswered questions about the Stuxnet worm, the biggest of which is who made it in the first place. Most people, including the New York Times, believe that either the US or Israel, or both, were the brains behind the worm.

But irrespective of who actually built Stuxnet, there’s no doubt that the worm was designed as a form of digital weapon – and a very powerful one too – that could well have massive implications for the future of warfare.

As Langner argues:

“Along the road, one result became clear: Digital weapons work. And different from their analog counterparts, they don’t put military forces in harm’s way, they produce less collateral damage, they can be deployed stealthily, and they are dirt cheap. The contents of this Pandora’s box have implications much beyond Iran; they have made analog warfare look low-tech, brutal, and so 20th century.”

If there’s one thing we can take home from this, it’s that Stuxnet has helped us to understand that cyber-warfare is not just some kind of futuristic fantasy story – it’s very real, and small-scale attacks are becoming alarmingly regular. If the US and/or Israel can build something as destructive and clandestine as Stuxnet, there’s no reason why other countries, such as China, Russia and Iran, wouldn’t be able to do the same thing. And that’s why US authorities have even begun to simulate cyber-attacks on vital installations in the country, to figure out ways of defending against them.

Let’s just hope they’re up to the job.