Stuxnet Discovered To Contain Two Stealth Weapons

The Stuxnet virus that damaged IranEUs Natanz nuclear facility was worse than we thought. In fact, Ralph Langner, a cyber security expert, described it as EUfar more dangerous than the cyberweapon that is now lodged in the publicEUs imagination.EU

Claimed by some to be a joint project between the U.S. and Israel, Stuxnet garnered worldwide attention when it destroyed about a fifth of IranEUs nuclear centrifuges. But according to Langner the story behind the story is that Stuxnet is not really one weapon, but there exist two versions of the virus.

EUThe vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium,EU Langner wrote in Foreign Policy magazine. EUBut the [older version of Stuxnet] is about an order of magnitude more complex and stealthy.EU

An Opening Salvo

It is now known that in 2007, an older version of Stuxnet, dubbed Stuxnet Mark I, targeted the gas valves in the Iranian nuclear reactor. By contrast, the second version of Stuxnet, which was reported in 2010, targeted the reactors' cores.

According to Langner, the first and largely forgotten version of the virus qualifies as nightmare for those who understand industrial control system security. And strangely, he said, this more sophisticated attack came first while the more familiar routine followed only years later -- and was discovered in comparatively short order.

We caught up with John Shier, a senior security advisor at Sophos, to get his reaction to the report. He told us Langner talks about Stuxnet as being the opening salvo in cyberwar -- and he couldn't agree more. While technology has been used in the past as part of larger and more traditional military campaigns, he said, Stuxnet is the most successful, purpose-built...

Comments are closed.