Stuxnet Virus

The story of the Stuxnet (as Eric Schmidt explains)

Eric Schmidt and Jared Cohen have dedicated the third chapter of their book, The New Digital Age, to the future of states.

One of the sections of the third chapter talks about digital provocation and cyber war.

Schmidt uses a cyber war definition offered by Richard Clarke:

Actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.

To illustrate the possibilities and the potential extents of the cyber wars, he refers to Stuxnet virus as one of the most harmful cyber warfare’s ever developed.

Here I have summarized the Schmidt’s account of the story.

Iran - Natanz - The Real Story behind Stuxnet Virus

The Story of Stuxnet (pp.105 – 107, 2013’s edition)

Stuxnet was discovered in 2010 and was considered the most sophisticated piece of malware ever revealed, until a virus known as Flame, discovered in 2012, claimed that title.

Designed to affect a particular type of industrial control system that ran on the Windows operating system, Stuxnet was discovered to have infiltrated the monitoring systems of Iran’s Natanz nuclear-enrichment facility, causing the centrifuges to abruptly speed up or slow down to the point of self-destruction while simultaneously disabling the alarm systems.

Because the Iranian systems were not linked to the Internet, the worm must have been uploaded directly, perhaps unwittingly introduced by a Natanz employee on a USB flash drive

… Initial efforts to locate the creators of the worm were inconclusive, though most believed that its target and level of sophistication pointed to a state-backed effort.

The resources involved also suggested government production: Experts thought the worm was written by as many as thirty people over several months.

Sure enough, it was revealed in June 2012 that not one but two governments were behind the deployment of the Stuxnet worm.

Unnamed Obama administration officials confirmed to the New York Times journalist David E. Sanger that Stuxnet was a joint U.S. and Israeli project… Initially green-lit under President George W. Bush, the initiative, code-named Olympic Games, was carried into the next administration and in fact accelerated by President Obama, who personally authorized successive deployments of this cyber weapon.

After building the malware and testing it on functioning replicas of the Natanz plant built in the United States – and discovering that it could, in fact, cause the centrifuges to break apart, the U.S. government approved the worm for deployment.

… Less than a month after the public revelation about these cyber weapons, security experts at Kaspersky Lab, a large Russian computer security company with international credibility, concluded that the two teams that developed Flame and Stuxnet did, at an early stage collaborate.