Famous Cyber Attacks: #1 Stuxnet

In the next few blog posts I would like to introduce a whole new aspect of my CAJ topic: Famous Cyber attacks. With the number of cyber attacks increasing annually, Pentagon has decided to consider cyber attacks acts of war. There are a number of those attacks out there that have become extremely popular; one of them being Stuxnet.

Stuxnet is frequently referred to as the world’s first cyber weapon. The malware, also known as a worm, was first discovered in June 2010 by a computer security firm in Belarus on the computer of one of their Iranian clients. What shocked computer specialists most about Stuxnet was the fact that this piece of malware could control things in the physical, real world. While it is still unclear who created the Stuxnet virus and what exactly the worm was targeting, it is well known that Stuxnet could even make whole motos blow up. The whole program was designed to sabotage and attack control system and consequently allow sabotage in pipelines, nuclear plants and other facilities.

Ever since the first computer was reported to have been infested with the Stuxnet virus, the worm has spread to more than 100.000 machines in 155 countries, though most infections are reported to have taken place in Iran. This explains why the suspected target of the Stuxnet virus is Iran. The worm first spread via an infected usb flash drive and later searches for vulnerable computers on the network in order to keep spreading.

Computer and control system security professionals like Ralph Langner, like many others, suspects that the main target of the Stuxnet attack were one of Iran’s nuclear power plants and an uranium enrichment facility located in the same country. The owners of these facilities, however, refuse to admit that the virus took control over their plants and there is likewise no nation that admits to having created Stuxnet, though the main suspects for this task are Israel and the U.S.A.

What is even more dangerous now than the Stuxnet virus itself is the fact that this functioning piece of malware was released on the internet and is now available for hackers to be further developed.