

Stuxnet cyberweapon set to stop operating

Stuxnet infected some 130,000 computers worldwide, most of them related to Iran's nuclear fuel enrichment program. It's programmed to shut down just after midnight Sunday, but there likely are other cyber espionage systems out there.

(Page 2 of 3)



"It can be argued that the time was ripe for history's first cyber weapon, and having it come from China or Russia would have created another unpleasant Sputnik experience," wrote Ralph Langner, the Hamburg, Germany-based cyber security expert in a recent opinion article in the New York Times. "On the other hand it is evident that the United States is not prepared to defend against such sophisticated cyber-physical attacks that they chose to experiment with in the open, with the actual weapon eventually being downloadable from the Internet."


Mr. Langner's discovery that Stuxnet was not just another piece of criminal malware, but was actually the world's first nation state-built cyber super-weapon and apparently targeting Iran's nuclear program, was verified and first published by the Monitor on Sept. 21, 2010.

Ever since, the hunt has been on for who built and unleashed Stuxnet – and the fragments of other digital weapons that keep popping up. That hunt has yielded a drumbeat of surprises. First came the discovery of at least two other highly sophisticated cyber espionage systems that also appear to target Iran's nuclear program, show clear signs of being directly related siblings of Stuxnet, and were developed by the same source, according to forensic analysis and recent news media reports.

"Whoever was running this operation needed these programs to conduct a large number of highly targeted and clandestine operations against Iran and its allies," says John Bumgarner, a former Army intelligence officer now research director for the US Cyber Consequences Unit, a nonprofit security think tank.

As it turns out, Stuxnet was probably the last piece of the puzzle, the digital muscle deployed to take out Iran's nuclear centrifuge systems. In fact, it had two other siblings – espionage programs that gathered intelligence and prepared the cyber battlefield.

"Flame," a highly sophisticated espionage program, was in essence a giant vacuum cleaner – sucking up information from wireless sources, turning on computer microphones, stealing files, Mr. Bumgarner says. Discovered just last month, Flame is believed to have been on the loose since at least late 2007 and was likely created earlier that year, according to Kaspersky, the Moscow-based anti-virus company.

Meanwhile, "Duqu," another espionage program, was deployed to infiltrate specific computers within key companies that had programs related to Iran's nuclear program. It was far more highly targeted than Flame and came later, according to Symantec, the big anti-virus company that did a comprehensive analysis of Stuxnet. Duqu and Stuxnet shared a common programming platform apparent in their code, linking them to the same team of programmers, Symantec found.

By the time Stuxnet was created, sometime between January and June 2009, Flame was already in existence – created probably no later than summer 2008, Kaspersky reported this month. Meanwhile, Stuxnet's 2009 version used a fragment of code based on Flame, Kaspersky says. Thus, Stuxnet, Duqu, and Flame all share key components.

The trio was created, Kaspersky argues, by two independent developer teams – one for Flame, and the other for Stuxnet and Duqu, each "developing its own platform since 2007-2008 at the latest." In 2009, part of the code from the Flame platform was used in Stuxnet. That cross-linking means all three programs now are tied together.
