Saturday, November 23, 2013

Stuxnet's Attack On Iran's Nuclear Program Was More Sophisticated Than Anyone Realized

Then-President Mahmoud Ahmadinejad looks at SCADA screens in the control room at Natanz in 2008. The screen facing the photographer shows that two centrifuges are isolated, indicating a defect, but that doesn’t prevent the respective cascade from continuing operation (red highlighting added).

Stuxnet's Secret Twin -- Ralph Langner, Foreign Policy

The real program to sabotage Iran's nuclear facilities was far more sophisticated than anyone realized.

Three years after it was discovered, Stuxnet, the first publicly disclosed cyberweapon, continues to baffle military strategists, computer security experts, political decision-makers, and the general public. A comfortable narrative has formed around the weapon: how it attacked the Iranian nuclear facility at Natanz, how it was designed to be undiscoverable, how it escaped from Natanz against its creators' wishes. Major elements of that story are either incorrect or incomplete.

That's because Stuxnet is not really one weapon, but two. The vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium. But the second and "forgotten" routine is about an order of magnitude more complex and stealthy. It qualifies as a nightmare for those who understand industrial control system security. And strangely, this more sophisticated attack came first. The simpler, more familiar routine followed only years later -- and was discovered in comparatively short order.

Read more ....

My Comment: For those who find cyber warfare events interesting ....this story is for you.

No comments: