It was late September when the world got wind of Stuxnet, the complex piece of malware that appeared to specifically target Iranian nuclear sites. Now, analysis of Stuxnet suggests it was almost perfectly designed to corrupt nuclear centrifuges, according to David Albright of the Institute for Science and International Security.
On Wednesday, Mr. Albright and a colleague, Andrea Stricker, released a report saying that when the worm ramped up the frequency of the electrical current supplying the centrifuges, they would spin faster and faster. The worm eventually makes the current hit 1,410 Hertz, or cycles per second — just enough, they reported, to send the centrifuges flying apart. In a spooky flourish, Mr. Albright said in the interview, the worm ends the attack with a command to restore the current to the perfect operating frequency for the centrifuges — which, by that time, would presumably be destroyed. [The New York Times]
Computer experts don’t know Stuxnet’s origin for sure, though the Times’ story drops a few cryptic hints of Israeli involvement. And further study of the attack shows that although Stuxnet appears calibrated to disrupt centrifuges, it could be easily adapted to seize the reins of other systems.
The widespread interconnection of corporate networks and use of SCADA systems [supervisory control and data acquisition] means that industrial infrastructure is increasingly vulnerable to software attack. Such control systems are used in virtually every industry—food production, vehicle assembly, chemical manufacturing—and are commonly exposed to insecure networks. This leaves them vulnerable to tampering, such as with Stuxnet, as well as intellectual property theft. [Ars Technica]
Elsewhere in computing skulduggery, the big story Wednesday was the report that for 18 minutes on an April day, 15 percent of the world’s Internet traffic mysteriously was rerouted through China.
The report said the move affected data traveling over both the government and military networks of the United States, including information from the Senate, the Army, the Navy, the Marine Corps, the Air Force, the secretary of defense’s office, NASA, the Department of Commerce and the National Oceanic and Atmospheric Administration, as well as from many American companies. The incidents, which were widely reported when they occurred, were never explained, although Chinese engineering managers said that the routing errors were accidental. [The New York Times]
Though reports of China-based cyberattacks have been increasing, China today denied any intentional wrongdoing, saying the accusation smacks of “Cold War thinking.” Nevertheless, the report should have us worried.
If the rerouting of traffic was in fact intentional, this incident can be filed alongside the Stuxnet worm … as a new generation of cyber attacks with geo-political implications. Even if neither the China Internet hijacking incident or the Stuxnet worm are truly state-sponsored attacks, they still illustrate what is possible for attackers with the skills and resources to pull it off. [PC World]
DISCOVER: 20 Things You Didn’t Know About… Computer Hacking
80beats: Super-Sophisticated Computer Virus Apparently Targeted Iran’s Power Plants
80beats: Massive Spanish Botnet Busted, but Hacker Mastermind Remains Unknown
80beats: “Soupnazi” Hacker Pleads Guilty to Stealing Millions of Credit Card Numbers
80beats: Iran Blocks Gmail; Will Offer Surveillance-Friendly National Email Instead