Stuxnet Virus: New Age of Cyberwar | Print |
Written by Sam Blumenfeld Friday, 26 November 2010 08:30
The world has been waiting for the Israeli Air Force to bomb Iran’s nuclear facilities for several years. Iran has threatened to wipe Israel — a nation of over seven million people — off the map, and it has embarked on a program to produce a nuclear weapon to do the job.
The world remembers how on June 7, 1981, Israel bombed Saddam Hussein’s nearly completed nuclear facility in Baghdad. The Israelis believed that the nuclear weapons being built by Saddam were aimed at the Jewish state. But ironically they could have been aimed at Iran, with which Iraq was at war. But we shall never know what Saddam really would have done with an atom bomb. Perhaps his aim was to bomb both Israel and Iran.
On September 6, 2007, Israel bombed a nuclear facility in Syria. Apparently, earlier that year Israel had discovered a suspected nuclear bomb facility in the Deir ez-Zor region of Syria. To gain hard evidence, Israel’s famous spy organization, Mossad, either managed to recruit one of the facility’s workers or place a spy posing as an employee at the plant. In this way Israel was able to get photos of the site from on the ground. Indeed, a Swiss newspaper reported that in August 2007, two helicopters flew 12 Israelis to the site in order to get photographic evidence and soil samples. The samples were tested and confirmed to have come from North Korea.
According to a March 19, 2009 report in a Zurich newspaper, Hans Rühle, former chief of the planning staff of the German Defense Ministry, wrote that Iran had been financing a Syrian nuclear reactor. He wrote that U.S. intelligence had detected North Korean ship deliveries of construction supplies to Syria that started in 2002, and that the construction was spotted by American satellites in 2003, which detected nothing unusual, partly because the Syrians had banned radio and telephones from the site and handled communications solely by messengers. He said that "the analysis was conclusive that it was a North Korean-type reactor, a gas graphite model" and that "Israel estimates that Iran had paid North Korea between $1 billion and $2 billion for the project." He also wrote that just before the Israeli operation, a North Korean ship was intercepted en route to Syria with nuclear fuel rods.
Taking out the Syrian nuclear facility was easy enough for Israel. But taking out Iran’s nuclear sites requires a far more daunting plan. Iran’s nuclear facilities are buried deep underground and covered with layers of reinforced concrete — a very difficult target to destroy by air.
But somehow, someone, or some team, in either the United States, Israel, Russia, Canada, or Germany, has come up with a novel way to throw a real monkey wrench into Iran’s nuclear operation. The monkey wrench is a computer virus called Stuxnet.
According to a report by the International Atomic Energy Agency, Iran has been forced to suspend activity on enriching uranium because of “technical problems” that are bedeviling thousands of centrifuges at its Natanz nuclear reactor. All of the controls on these centrifuges were manufactured by the German firm Siemens, and this virus has found a way of sending confusing instructions to these controls that have thrown the Natanz facility completely off balance. Instead of just disabling these centrifuges, the virus can also confuse frequency converters that control all sorts of mechanical and industrial processes.
The virus is also far more virulent than had been originally thought, and was specifically designed to attack control systems manufactured by Siemens, which are in use throughout the world. A New York Times article quoted a U.S. security expert who noted that “computer security organizations were not adequately conveying the potential for serious industrial sabotage that Stuxnet foretells,” implying that many of the world's power plants, water facilities, and other basic infrastructure that are dependent on automated control systems, are at serious risk.
Who would have thought that a computer virus would do to Iran’s nuclear plants what bombers would be unable to do? As of now, Iran’s manufacture of nuclear bombs has been brought to a screeching halt. But will Iran be able to get rid of the virus?
Siemens has released a detection and removal tool for Stuxnet. It advises installing the Microsoft patch for vulnerabilities and prohibiting the use of third-party USB flash drives. But the worm's ability to reprogram itself may complicate the removal procedure. In addition, an incorrect removal of the worm could cause significant damage.
Speculation about who might have created Stuxnet has become a Sherlock Holmesian preoccupation of computer nerds and intelligence agencies. A year before Stuxnet was discovered, Scott Berg of the United States Cyber-Consequences Unit mused that Israel might prefer to mount a cyber-attack rather than a military srike against Iran‘s nuclear sites. Indeed, he predicted that this sort of cyber-attack would probably be developed.
There has also been speculation that NATO, the United States, and other Western nations may have been involved. It has been reported that the United States, under one of its most secret programs, initiated by the Bush administration and continued by the Obama administration, has sought to destroy Iran's nuclear program by novel methods such as undermining Iranian computer systems. However, it is unlikely that we will have the full true story of Stuxnet until this whole mysterious episode is ready for the history books.
Dr. Samuel L. Blumenfeld is the author of nine books on education including NEA: Trojan Horse in American Education, The Whole Language/OBE Fraud, and The Victims of Dick & Jane and Other Essays. Of NEA: Trojan Horse in American Education, former U.S. Senator Steve Symms of Idaho said: “Every so often a book is written that can change the thinking of a nation. This book is one of them.” Mr. Blumenfeld’s columns have appeared in such diverse publications as Reason, The New American, The Chalcedon Report, Insight, Education Digest, Vital Speeches, WorldNetDaily, and others.