Stuxnet, The Game Changing Malware!

Silver
5 min read · Sep 22, 2018

A blog about a very dangerous malware named Stuxnet.

LINK: An image that shows what is involved with Stuxnet

What is Stuxnet?

Stuxnet is malware that is used to infect computers and servers, but it’s more than just simple malware. It’s a computer worm that was made to take advantage of previously unknown (zero-day) Windows vulnerabilities to travel and infect more and more computers. That is not the reason why Stuxnet is such a big deal, though. It’s a big problem in the cyber security world because of its ability to cause effects and changes in the physical world. It was mainly designed and used to mess with Iran’s nuclear programs. It’s a weapon that is entirely made up of code.

Where Did The Name Stuxnet Come From?

The malware was originally called Rootkit.Tmphider. Later on, it was referred to as W32.Temphid, and the name was finally changed to W32.Stuxnet. The name Stuxnet comes from a combination of two components in the malware’s code: .stub and mrxnet.sys. It’s just a combination of “stu” from .stub and “xnet” from mrxnet.sys.

LINK: Image to show how Stuxnet works

How Does Stuxnet Work?

Stuxnet would travel from computer to computer, searching for specific models of PLCs (programmable logic controllers). PLCs are used to control machinery, such as the machinery used in Iran’s nuclear program. If Stuxnet was on your computer and did not find what it was searching for, it would do no harm and continue to spread. Once it found the PLCs of Iran’s nuclear program, it would alter their programming. This alteration would cause the centrifuges to spin quicker and longer than intended, which would damage and potentially destroy the equipment that Iran’s nuclear program was using.
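A defender's view of the two effects described above, as an added example that is not from the original post: it compares logic blocks read back from a controller against an approved baseline and flags speed readings that stay above a limit for too long. The block names, byte strings, speed values and thresholds are all constructed for illustration.

```python
import hashlib

def digest(code: bytes) -> str:
    """SHA-256 fingerprint of one logic block."""
    return hashlib.sha256(code).hexdigest()

def changed_blocks(baseline: dict, current: dict) -> list:
    """Names of blocks added, removed or modified since the approved baseline."""
    names = set(baseline) | set(current)
    return sorted(n for n in names if baseline.get(n) != current.get(n))

def speed_excursions(samples: list, limit: float, max_seconds: float) -> list:
    """(start, end) windows where speed stayed above `limit` for longer than
    `max_seconds`. `samples` is a list of (timestamp_seconds, speed) pairs."""
    windows, start, last = [], None, None
    for t, speed in samples:
        if speed > limit:
            if start is None:
                start = t
            last = t
        else:
            if start is not None and last - start > max_seconds:
                windows.append((start, last))
            start = None
    # Close a window that is still open when the data ends.
    if start is not None and last - start > max_seconds:
        windows.append((start, last))
    return windows

# Constructed sample data: approved logic vs. what is read back from the PLC.
BASELINE = {
    "main_cycle": digest(b"approved main cycle logic"),
    "drive_control": digest(b"approved drive control logic"),
}
READ_BACK = {
    "main_cycle": digest(b"approved main cycle logic"),
    "drive_control": digest(b"drive control logic with altered setpoints"),
    "extra_block": digest(b"block nobody approved"),
}
# Constructed telemetry: one reading every 10 seconds.
TELEMETRY = [(0, 1000), (10, 1005), (20, 1200), (30, 1210),
             (40, 1220), (50, 1215), (60, 1000)]

if __name__ == "__main__":
    print("Changed blocks:", changed_blocks(BASELINE, READ_BACK))
    print("Overspeed windows:", speed_excursions(TELEMETRY, 1050, 20))
```

The speed check is only useful if the readings come from a source that does not depend on the controller being checked.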

Who Created Stuxnet?

At the moment, people all over the world believe and accept that Stuxnet was created by the intelligence agencies of the United States and Israel. Neither country acknowledges that it created Stuxnet, but there is some evidence against them. A 2011 video was created to celebrate the retirement of the head of Israel’s Defence Forces, Gabi Ashkenazi. In the video, Stuxnet was listed as one of the successes under his watch.

Sadly, the individuals who actually engineered Stuxnet have not been identified. It’s estimated that it was probably a big team of highly skilled engineers. Roel Schouwenberg estimated that it would take a team of ten coders 2–3 years to create the worm. That is a long time to create some malware.

LINK: Funny comic showing Stuxnet destroying Iran’s attempts to create atomic weapons.

Why Was Stuxnet Created?

As stated before, Stuxnet was designed to mess with Iran’s nuclear program, but why would America and Israel do that? America and Israel were afraid that Iran was getting very close to creating atomic weapons. Instead of doing something like having Israel airstrike the nuclear facilities, they decided to go with a means that would not result in a religious war between Israel and Iran. That is when the idea of a cyber attack that could affect the physical world came up. They decided that if that was possible, that is what they would use against Iran. A couple of years later, Stuxnet was created.

LINK: Funny image to represent Cyber Warfare :)

Why Is Stuxnet Important?

Stuxnet is important because it’s a gateway to a new era of warfare. Up until Stuxnet was created (2010), the idea of cyber attacks affecting the physical world was science fiction. With Stuxnet being created, a whole wave of possibilities was revealed. The ability to affect the real world with code could be used for good, but it seems that it’s going down a destructive path. The technology of Stuxnet can be used in warfare to sabotage countries’ nuclear power plants, missiles, etc. Anything that is connected to the internet and is controlled by a program on a PLC is not safe. There is already malware that is similar to Stuxnet, such as Duqu and Flame, showing that this technology is spreading in a bad way. The next war to happen may only be fought with cyber attacks.

LINK: Image showing that more and more new malware is constantly being made.

What Can We Learn From This Event?

A major thing that we can learn from this event is that technology is forever growing and developing in good ways, but in bad ways as well. We keep thinking that all of our lives are so much better with technology, which is true, but we don’t ever think about how harmful the technology can be. As we keep improving technology to better our lives, there are people out there developing technology to harm lives.

Protecting our computers from malware is important, but now we need to protect the physical world from malware as well. Lives are now heavily at risk because of the invention of Stuxnet. Now we need to develop means of preventing malware such as Stuxnet. Stuxnet is an open source malware, so people can use it to create malware that searches for more than just PLCs. This is not the end either.

As we keep moving forward, more and more amazingly dangerous malware will continue to be created, so we need to keep creating measures to counteract them. It’s an endless cycle. Hopefully, we learn that technology can be used as a dangerous weapon and that without people to counteract it, the entire world will be physically vulnerable to cyber attacks.

___________________________________________________________________

Thanks for taking your time to read my blog :)

If you have more time, check out my other blogs in the links down below.
