Stuxnet virus threat is real

The World

This story was originally covered by PRI’s The World. For more, listen to the audio above.

Stuxnet’s been called “a game changer” in the field of cyber-security.

An expert even went so far as to call it “a fearsome prototype of a cyber-weapon that will lead to a new arms race.”

Eric Chien, technical director at Symantec Security Response, has been studying the worm for months.

“We could tell it was trying to sabotage some industrial control systems,” Chien said. “But we couldn’t see exactly what.”

Turns out Stuxnet was locating and reprogramming Programmable Logic Controllers, devices that monitor, and control, other industrial devices including things like the motors on conveyor belts.

Or, in this case, says Chien, something called frequency converters.

“What it does is it actually changes what’s called the frequency on these things called frequency converters,” Chien said. “And basically it will speed it up and slow it down, and that will definitely sabotage or interfere with a targeted process.”

Turns out that frequency converters control the speed of the motors that spin the centrifuges used to enrich uranium. And in particular, Stuxnet was designed to target converters made by a Finnish company and an Iranian company.

Both kinds are used at nuclear facilities in Iran. That’s when David Albright, director of the Washington based Institute for Science and International Security took at closer look at what Stuxnet was designed to do.

“Over a pretty short period of time it would take the speed up to pretty high level, then drop it down to almost zero and then return it to a certain speed,” Albright said. “And so you’d have a situation where if it was driven up to a pretty high speed, the rotor would simply fall apart.”

It’s unclear whether that happened at any facilities in Iran. Officials in the country have been silent on whether any damage actually occurred.

But the mere fact that Stuxnet was so specifically targeted makes it clear to experts that this wasn’t the work of amateurs.

“The code in Stuxnet looks nothing like what you would see from Eastern European malware, it doesn’t have any of the tell tale signs of anything you’d see in the code from the Asia pacific rim,” said Tom Parker, director of the security consulting firm Securicon. “You’re looking at an organization that’s highly funded and highly capable.”

Parker says that the odds are Stuxnet is the product of a nation-state in the West, written with some inside help of those familiar with these specific kinds of equipment.

And Parker says he hopes Stuxnet shows everyone how important it is to protect our own critical infrastructure which brings water to our taps, electricity to our homes and allow traffic controllers to keep planes in the air.

Sign up for our daily newsletter

Sign up for The Top of the World, delivered to your inbox every weekday morning.