Remember Stuxnet, the computer worm designed to take out Iran's nuclear plants? It was developed by the United States and Israel -- that is, by the NSA and Unit 8200. Although Stuxnet is in the news again, many of the current stories don't mention the worm's spooky origins. I guess journalists prefer to give the impression that Stuxnet just popped into existence like Mr. Mxyzptlk.
Most articles about this virus neglect to mention something revealed in June of last year: Israel intentionally disabled a "kill switch" built into Stuxnet, thereby allowing its spread into the wild. That's why this state-sponsored malware may now be on any computer, including your own.
Stuxnet (or a related malware) is spreading -- and I'm starting to think that what we're seeing is no accident. Evidence suggests that the targets have been carefully selected.
The worm has invaded the International Space Station via a USB stick carried by a cosmonaut. In this case, I do favor the "accident" theory -- unless there is more going on up there than we've been told.
But I have little doubt that another target -- a Russian nuclear plant -- belongs in the "made it happen on purpose" category. So far, no news stories have identified the specific Russian nuke plant that was hit. (Or did I miss something? If you know which facility was involved, please share your info with the rest of the class.) More frightening still is the claim that any number of other power plants may also be infected.
Stuxnet targets the SCADA industrial control software developed by Siemens. SCADA exists in many variants and is used in facilities all over the world. This one-app-for-all-purposes approach has many advantages -- and one huge problem: Vulnerability. Before SCADA, industrial facilities hired programmers to create individualized proprietary software, an expensive approach which was inherently more secure. ("Security through obscurity," as the geeks say.)
The above-mentioned Russian nuke plant was disconnected from the internet at the time of its infection, according to security expert Eugene Kaspersky. I can't verify whether this claim is true. If it is true, I'd like to know how the system was compromised. It is worth noting that current versions of SCADA rely on cloud computing, and on a new concept (well, new to me) called the "Internet of Things."
If you want a good scare, read the Wiki article at the other end of that last link while keeping in mind this reminder of what Stuxnet can do:
It initially spreads through Microsoft Windows and targets Siemens industrial control systems. It's considered the first malware that both spies and subverts industrial systems. It's even got a programmable logic controller rootkit for the automation of electromechanical processes.
Let that last point sink in for just a second. This thing, with a little bit of coaxing, can actually control the operation of machines and computers it infects.
Here's the part very few people are talking about: Stuxnet is generally thought to be a Windows-only virus. But the International Space Station switched over to Linux some time ago. (Apparently, the ISS made the switch because they've been troubled by Windows-based virii since 2008, and perhaps earlier.) This changeover includes all of the laptops used in space. Keep in mind that the virus "got in" via a USB stick.
The ISS uses SCADA on Linux computers. Turns out there was a version of SCADA for Linux as early as 2001, and perhaps earlier.
Either Stuxnet is cleverer than we thought, or the current "Stuxnet" worm is actually something new.
Here's the part no-one is talking about:
If it is true that the worm has infected nuclear power plants around the world, we have officially entered James Bond territory. A single malefic individual (feel free to visualize a bald man sitting in a leather chair as he strokes a white cat) could set off dozens of nuclear meltdowns. Simultaneously. Worse, that same malefic individual could also control water systems, electrical systems, gas pipelines -- anything that uses SCADA.
Do you find that scenario too paranoid to be credible? Before you smirk and scoff, consider this: Not long ago, anyone suggesting that the NSA or Unit 8200 created malware would have been derided as a wacky conspiracy theorist...