Stuxnet cyberweapon set to stop operating

Goodbye Stuxnet. And Iranian officials would doubtless hasten to add: "Good riddance."

At one second past midnight Sunday, the world's most powerful known cyber weapon, reportedly created by the US with Israeli support to clandestinely infiltrate and then wreck Iran's nuclear fuel enrichment program, will cease to operate.

At present, the program still wakes up, goes through various check functions, looking for a target to destroy. But deep inside Stuxnet's labyrinth of software code are a few lines that will soon order the program to stop working altogether in a pre-programmed, belated and ultimately unsuccessful bid to prevent it from being detected and deciphered, say computer forensic experts who have examined the program's code.

RECOMMENDED: From the man who discovered Stuxnet, dire warnings one year later

As a practical matter, Stuxnet's departure is likely to be an invisible non-event as far as the wider world is concerned. All but a few hundred of the more than 130,000 computers globally – about two-thirds in Iran – that were identified in summer 2010 as infected with the computer worm have already had their software patched and cleaned up.

But the final deactivation of that powerful destructive digital code isn't likely to give much enduring relief to anyone. Not to Iran, which on June 21 announced it was still worried about another imminent "massive" cyber attack against it should negotiations with the US and other nations over its controversial nuclear program fail.

Certainly relief won't come soon for President Obama and his national security team, which approved in spring 2010 unleashing a particularly potent version of Stuxnet, the New York Times reported this month. Called "the bug" inside the White House, Stuxnet was targeted to destroy a key group of 1,000 nuclear centrifuges Iran was believed using to make bomb grade uranium fuel, the Times reported.

Lawmakers in Congress now are calling for an investigation into the leaking of the top-secret US operation code-named "Olympic Games" in which Stuxnet, a name that was given "the bug" by anti-virus firms that found it spreading on networks in 2010.

There's no relief either for worried cyber security experts, some of whom have called Stuxnet the digital equivalent of the first nuclear attack on Hiroshima. They warn that Stuxnet's code provides a template and conceptual model for a far more destructive "son of Stuxnet" cyber weapon that could be deployed by other nation states or hacktivists for cyber attacks against power grids and other civilian infrastructure.

A prime target, they say, would be Stuxnet's own presumed creator – the US, which is to a far greater degree than its potential adversaries, including nations like North Korea and Iran, reliant on cyber-physical industrial control systems of the kind Stuxnet was specifically designed to infiltrate and destroy.

1 | 2 | 3

Next