Friday, June 01, 2012

Cyberweapons and Stuxnet: Always test your code

The suspicions of many security researchers were confirmed today in a New York Times article which revealed that the United States and Israel collaborated in creating Stuxnet (codenamed "Olympic Games"), the computer worm that attacked Iran's nuclear centrifuges. The article makes some interesting points and stresses the importance of software testing.

In preparation for deploying the worm, the team built a replica of the Iranian nuclear facility using the same type of centrifuges used in Iran. The centrifuges used for testing were acquired from Col. Muammar el-Qaddafi back in 2003 and had been stashed in Tennessee. After a few weeks of testing, they successfully destroyed some of the units using the computer worm. "One day, toward the end of Mr. Bush’s term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran’s underground enrichment plant."

After the worm had successfully disrupted some of Iran's uranium enrichment centrifuges, an error was introduced into the code that caused the worm to start propagating all over the Internet during the summer of 2010. This shows that, despite elaborate testing procedures, even the most skilled programmers can make mistakes. The event grabbed the attention of security professionals all over the world and raised some concerns about the potential harm it could cause to domestic systems. "...No country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran."

Coincidentally, this week it was also revealed that a much more complex cyber warfare and espionage program dubbed Flame has already been in use for several years. It is believed to be government sponsored, but to have been produced by a different organization, and may or may not be related to Stuxnet. The details of these events are fascinating, and are only now starting to be more fully revealed. (Source: New York Times, Kaspersky)
