Back in November, Iran's Ahmadinejad announced that a "cyberattack" had caused minor problems with some of their centrifuges that were concentrating the uranium necessary for nuclear power. He downplayed the significance, but it was the tip of the iceberg that is now being pieced together.
The evidence suggests that both Israel and the U.S. were involved in developing a computer worm designed to target the specific kind of centrifuges being used in Iran. Called Stuxnet, the worm was detected around the globe last year but seemed to cause little harm to computer systems -- except, we now know, in the Iranian uranium processing plants.
Having tested it out on the same kind of centrifuges set up in an Israeli facility for that purpose, the Stuxnet developers designed the worm to go into effect only when it encountered that exact type of centrifuge spinning. Then, after lying dormant for long periods, it set the centrifuges spinning so fast and out of control that they destroyed themselves. A second feature of the worm was copying the normal feedback data and playing it back to fool the operators into thinking everything was all right, until the damage was done.
Meanwhile, curious computer scientists began to analyze the seemingly benign Stuxnet to see what it was set up to do. From the Times article:
No one was more intrigued than Mr. Langner, a former psychologist who runs a small computer security company in a suburb of Hamburg. Eager to design protective software for his clients, he had his five employees focus on picking apart the code and running it on the series of Siemens controllers neatly stacked in racks, their lights blinking.He quickly discovered that the worm only kicked into gear when it detected the presence of a specific configuration of controllers, running a set of processes that appear to exist only in a centrifuge plant. “The attackers took great care to make sure that only their designated targets were hit,” he said. “It was a marksman’s job.”
For example, one small section of the code appears designed to send commands to 984 machines linked together.
Curiously, when international inspectors visited Natanz in late 2009, they found that the Iranians had taken out of service a total of exactly 984 machines that had been running the previous summer.
Bingo. Cyber warfare? Indeed. This raises all kinds of worries: about the vulnerability of, not only the U.S. military/defense systems, but also the U.S. economic systems. Our whole society now is run by computers. What would happen if they were thrown into disarray even for a few days? Airlines, banking systems, instant credit card charges, manufacturing plants, and even medical records and hospital operations would come to a halt. It's almost unthinkable.
On the other hand, it sure beats the alternate of nuclear warfare.
Meanwhile, back on the diplomatic surface, Sec. of State Hillary Clinton announced that we have reason to believe that Iran's nuclear bomb program had been set back by several years. She attributed it to the sanctions, and her tone signaled a definite easing of the urgency about Iran and the bomb.
But the retiring chief of Mossad, Israel's intelligence unit, bluntly told the Knesset that Iran had "run into technological difficulties" that would delay their bomb capability until 2015. The timing and suddenness of this sharp reversal in predictions points to the Stuxnet worm as the primary factor.
What interesting times; what scary times -- fighting a 20th century war and a 21st century war at the same time.
Ralph
No comments:
Post a Comment