The Stuxnet Virus and the Damages it Caused

Stuxnet is the computer virus that sabotaged Iran’s Uranium Enrichment Program back in 2010. It was the first publicly known example of a virus being used to attack industrial machinery.

The earliest version of this computer worm is Stuxnet 0.5, and its creation dates back to no later than November 2005, which is two years earlier than originally thought. This version differs in many ways from Stuxnet 1.0, which is the one to blame for the erratic spinning of the centrifuges of the Natanz Uranium Enrichment Facility. This worm was part of a covert operation sponsored by the US and Israeli governments.

The code shared between Stuxnet 0.5 and Flamer, an espionage malware aimed at sensitive Iranian computers, suggests that the two had some of the same developers. Liam O’Murchu, manager of operations for Symantec Security Response, stated that, “with version 0.5 of Stuxnet, we can say that the developers had access to the exact same code. They were not just using shared components. They were using the exact same code to build the projects. And then, at some point, the development [of Stuxnet and Flame] went in two different directions.”

Stuxnet 0.5 tampered with the valves that fed uranium hexafluoride into centrifuge groupings. By triggering the valves to open and close prematurely, the worm changed the pressure, which in turn caused the gas to solidify and thus destroy the centrifuges and the sensitive equipment used to develop them.

The specificity of the attacks using Stuxnet 0.5 inside Natanz suggests that the attackers were very familiar with the layout of the facility as well as the type of PLCs being used. This implies years of espionage prior to the development of the worm, most likely carried out with espionage malware such as Flame.

Stuxnet 1.0 was the later version, which took a completely different strategy. This time the virus interfered with the computerized frequency converters that controlled the speed of the centrifuges during the enrichment process. By causing the centrifuges to spin at both extremes of speed, it did permanent damage to key parts of the enrichment process.

Unlike the previous version, which would only infect computers once the infected file was opened, Stuxnet 1.0 infected computers immediately upon insertion of a USB drive carrying the virus. There is no way to know for sure how many computers were affected by the original worm, but Stuxnet 1.0 was reported to have infected an estimated 100,000 computers, many of which were not even involved with the uranium enrichment program.

Prior to the launch of the Stuxnet attacks, intelligence agencies believed that Iran would be able to produce a nuclear weapon by 2010. The results of the computer virus attacks are alleged to have set back the Iranian nuclear program by approximately three years.
