We have long viewed malware as a means to disable computers, steal credit card numbers, or pilfer other intellectual property. The recent discovery of the Stuxnet worm shows us a whole new way bad guys can get into our companies, government offices, or even military installations.
The Stuxnet worm targets industrial automation systems and was successful in damaging them in Iran. This particular worm is a small and very sophisticated piece of software that effectively constitutes a digital weapon. This weapon appears to have been carefully designed to sabotage Iran’s nuclear program. It targeted the centrifuges Iran uses to enrich uranium at the Natanz nuclear facilities in Iran.
The weapon installed itself in programmable logic controllers (PLCs) manufactured by Siemens. These controllers regulate the rotational speed of the turbines in Iran’s uranium centrifuges. The weapon was designed to speed up and slow down the turbines while reporting normal conditions to the centrifuge operator. According to German expert Ralph Langer, these oscillations in speed would “result in cracking the rotor, thereby destroying the centrifuge”
While it does not appear that Stuxnet destroyed that Natanz nuclear operation, it has caused some damage. Iranian President Mahmoud Ahmadinejad admitted “They managed to create problems for a limited number of our centrifuges.” Experts outside Iran estimate that as much as 17% of Iran’s nuclear centrifuges were taken offline by Stuxnet, and the whole operation at Natanz was disabled for some time.
So what does this mean for companies in the Midwestern United States? Most analysts say that only a nation state with significant resources could produce a worm this sophisticated and targeted. It is not likely that a light-industrial company in Missouri would be the target of such a sophisticated attack. It is still much easier for bad guys to deploy worms that attempt to steal credit card numbers or other intellectual property than to design malware that affects industrial automation equipment. Nonetheless, you should regularly evaluate your security infrastructure and ensure that measures are taken to protect and secure of all your computer systems.