Âé¶¹´«Ã½

Stuxnet: the online front line

Forecasts of cyberwar have been dismissed as hype, but the worm running rampant through Iran's nuclear facilities suggest otherwise, says Paul Marks
Stuxnet can affect industrial assets including power stations
Stuxnet can affect industrial assets including power stations
(Image: Sipa Press/Rex Features)

Forecasts of cyberwar have been dismissed as hype, but the worm running rampant through Iran’s nuclear facilities suggest otherwise, says Paul Marks

IS CYBERWARFARE (a) one of the biggest threats of the 21st century or (b) an elaborate hoax designed to extract money from gullible governments? Stuxnet, the computer worm running rampant in Iran’s nuclear facilities, tells us the answer. An of the worm by computer security company Symantec makes it abundantly clear that a few lines of malicious computer code can trip electricity grids, burn out power-station generators, pollute water supplies and sabotage gas pipelines. That cyberattacks can become real-world attacks is no longer a matter of conjecture.

To date, most attacks on computer networks have stayed firmly in the virtual world. In April 2007, for example, Estonia’s e-infrastructure was crippled by cyberattacks, supposedly at Russian hands after a diplomatic spat over Soviet-era war graves. But since most of us can cope without e-banking, e-commerce or public-service websites for a few hours, those demanding expensive defences to deal with the threat of cyberattacks have often been accused of exaggerating.

Stuxnet shows they were not. Where regular worms merely infect computer systems, stuxnet can reach out into the physical world. It uses vulnerabilities in Microsoft Windows to give an attacker remote control of the specialised factory-floor computers used to control industrial processes. These programmable logic controllers (PLCs) do not run everyday computer languages: each type of machine has its own customised language.

Stuxnet is the first worm designed to attack a PLC in its own language. Its target is one of the most popular models, made by Siemens and used to run oil pipelines, power grids and nuclear plants. The worm can allow attackers to run motors so fast they burn out, to turn off alarms and safety cut-offs, open effluent valves and activate pumps – in other words, carry out industrial sabotage and skulduggery on a massive scale.

“The worm allows attackers to carry out industrial sabotage and skulduggery on a massive scaleâ€

Stuxnet’s origin was unknown as Âé¶¹´«Ã½ went to press. Iran suspects the Pentagon or Israel (a biblical reference in its code lends some credence to that claim, and more than a whiff of Dan Brown). Regardless of who wrote it, cyberwar just got real.