Newswise — The computer virus Stuxnet recently demonstrated unprecedentedly masterful and malicious powers by infecting and then actually sabotaging a uranium-enrichment plant in Iran. Among the first to identify the worm was Roel Schouwenberg, an analyst for Moscow-based Kaspersky Lab, a leading computer-security firm. This month's IEEE Spectrum provides an exclusive report based in part on his experiences.
Stuxnet matters because it provides the first known example of state-versus-state cyberwarfare. This was indeed warfare, because it went beyond mere snooping to inflict physical damage. More such weaponry can be expected in the future.
Schouwenberg and his colleagues at Kaspersky Lab and other computer-security firms began sharing information. They learned that other bits of malware had paved the way for Stuxnet, and they even appear to have provoked an attempt on the part of the worm's authors to cover their tracks. That savoir-faire hints that Stuxnet was the product of a state-backed initiative; even more decisive was its unprecedented specificity. Unlike malware designed by private players, Stuxnet and its cousins were engineered not merely to hit particular targets but also to leave untargeted systems undisturbed.
No person or state has acknowledged having played a part in designing Stuxnet, but leaks to the press strongly suggest that the United States and Israel were involved. Stuxnet began by targeting Microsoft Windows machines and networks, repeatedly replicating itself. Then it sought out Siemens Step7 software, used to program industrial control systems that operate equipment, such as the centrifuges in Iran's uranium-enrichment plant. Finally, it compromised the programmable logic controllers, causing the fast-spinning centrifuges to tear themselves apart, unbeknownst to the human operators at the plant.