Friday, June 28, 2013


Do you favor Stuxnet-type viral attacks on Iran's nuclear power facilities?
Note: Please take POLL above and feel free to leave a comment.

Well, it surfaced again... Stuxnet... with the former second-highest-ranking officer in the U.S. military being investigated for allegedly leaking classified information about the Stuxnet cyberattacks on Iran's nuclear facilities. Retired Marine Gen. James "Hoss" Cartwright is charged with leaking information about the Iran cyberattack in a book by David Sanger.

Several years ago, our Intelligence Community (IC) was concerned about a new Trojan, very similar to the Stuxnet clone, which could disrupt our power plants, oil refineries and other vital computer infrastructure networks.


The Trojan was dubbed "Duqu" by the security firm Symantec and appeared to have been written by the same authors as the Stuxnet worm, which was used to cripple an Iranian nuclear-fuel processing plant. In September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target was not mentioned. It was discovered that through the use of thumb drives in computers that were not connected to the Internet, the malicious software program Stuxnet infected computer systems that were used to control the functioning of a nuclear power plant. Once inside the system, Stuxnet had the ability to degrade or destroy the software on which it operated. Although early reports focused on the impact on facilities in Iran, researchers discovered that the program had spread throughout multiple countries worldwide.

The emergence of the Stuxnet worm is the type of risk that threatens to cause harm to many activities deemed critical to the basic functioning of modern society. The Stuxnet worm covertly attempts to identify and exploit equipment that controls a nation’s critical infrastructure.

The U.S. Intelligence Community (IC) is, indeed, concerned when such viruses escape their handlers. A successful attack by a software application such as the Stuxnet worm could result in manipulation of control system codes to the point of inoperability or long-term damage. Should such an incident occur, recovery from the damage to the computer systems programmed to monitor and manage a facility and the physical equipment producing goods or services could be significantly delayed. The severity of the attack, the interconnected nature of the affected critical infrastructure facilities, and government preparation and response plans are three factors that determine whether or not entities and individuals relying on these facilities could be without life-sustaining services for a long period of time. The resulting damage to the nation’s critical infrastructure could threaten many aspects of life, including the government’s ability to safeguard national security interests.

Iranian officials claimed that Stuxnet caused only minor damage to its nuclear program, yet the potential impact of this type of malicious software could be far-reaching. The discovery of the Stuxnet worm has raised several issues for Congress, including the effect on national security, what the government’s response should be, whether an international treaty to curb the use of malicious software is necessary, and how such a treaty could be implemented. Congress may also consider the government’s role in protecting critical infrastructure and whether new authorities may be required for oversight.

So, what about Duqu? Is it a threat to personal computer users like me... and you? It is nearly identical to Stuxnet and is believed to have been created by the same authors, but has a different purpose: to collect information in preparation for future attacks. Duqu was a reconnaissance tool used to copy blueprints of Iran’s nuclear program, while Stuxnet was designed to attack industrial control systems and specifically calibrated to spin Iranian centrifuges out of control. In fact, a 2010 Stuxnet attack temporarily disabled 1,000 centrifuges that the Iranians were using to enrich uranium.

Unfortunately, the New York Times learned in 2010 that President Obama and Vice President Joe Biden were told that Stuxnet had escaped onto the Internet because of a programming error. It was inadvertently allowed to escape Iran's Natanz nuclear plant and spread on the Internet.

And what about viral offshoots of the Stuxnet-Duqu family? We all remember the Flame virus of several years ago. It was an extensive, data-mining computer virus designed to steal information from computers across the Middle East. It also spied on and eventually set back Iran’s nuclear program in 2010, when a digital attack destroyed roughly a fifth of Iran’s nuclear centrifuges.

Even though Stuxnet, Duqu and Flame were written by different teams of programmers, they all share notable features and all three have targeted Iran. Personally, I support their cyber efforts to thwart Iran's nuclear development. But, that's just my opinion. What do you think? Please take the POLL at the top of this post. I'd like to know your opinion and, please, chip in with a comment, too.

Robert Morton, Ed., Ed.S. is a member of the Association of Former Intelligence Officers (AFIO) and writes the online spy novel series "Corey Pearson- CIA Spymaster in the Caribbean". The views expressed on this site do not represent those of any organization he is a member of. Contact him on the Secure Contact Form.
