Stuxnet

From Wikispooks
Jump to: navigation, search

Concept.png Stuxnet 
(computer virus,  “cyberterrorism”)Rdf-icon.png
Stuxnet.jpg
Start 2005
A production of the NSA and Unit 8200, designed to sabotage Iranian efforts to develop nuclear weapons.

Stuxnet is a computer virus that affects Microsoft Windows. It was first identified in 2010, and hailed as a most impressive feat, giving rise to suspicions that it was produced by a large team of professionals such as a national intelligence agency. Edward Snowden confirmed that it was a joint NSA/Unit 8200 production.[1]

Origins

Symantec suggest that Stuxnet may have been in the wild already by 2005.[2]

Technical aspects

Stuxnet exploited four zero-day flaws. It is typically introduced to the target environment via an infected USB flash drive. It poses no real threat to ordinary users, since its payload is highly specific; it only affects Siemens Step7 software on computers which control a PLC.

Purposes

Stuxent was engineered to sabotage the Iranian project to develop nuclear weapons. To achieve this, it had to reach the computers controlling the centrifuges, which were air-gapped.

The technical prowess needed to create such a piece of malware, and the fact it exploited 4 zero day bugs lead many to suggest that it was created by an intelligence agency, and the NSA was long suspected. The 2016 film Zero Days quotes an anonymous source that Stuxnet was developed by the NSA in concert with Unit 8200. It also stated that in its original form, it might have never been detected, but that Unit 8200 were anxious that it take effect quickly, and so they modified it to increase virrulence at the expense of stealth.[3]

Effects

Stuxnet temporarily disabled 1,000 centrifuges that the Iranians were using to enrich uranium.[1]



References