Stuxnet worm escapes US and Israeli control

June 04th, 2012 - 09:30 am ET by J. G.

An article in the New York Times tells the fascinating story of how the Stuxnet worm, created by the United States and Israel to target an Iranian nuclear factory, has now gotten away from their control.

In 2010, the Stuxnet computer worm was highly visible in the media. This malware, extremely sophisticated in its design and targeting specific installations, has long been suspected of being developed by a state. In an article, The New York Times states that the United States and Israel were behind Stuxnet.

This story is worthy of a spy thriller: the malware was designed to attack a nuclear facility in Iran, but it accidentally escaped and went wild throughout the world.

According to David E. Sanger’s article, the threat of a uranium enrichment facility in Natanz, Iran – with the risk of weapons of mass destruction – led President George W. Bush to launch a program to bring this installation’s computer systems under US control.

Using a computer spy tool, the program allowed the US to gain information about the Natanz command and control system. This information was used by the NSA (National Security Agency) and Israeli security experts to develop a sophisticated program to sabotage the installation.

According to David E. Sanger, this American-Israeli development was pushed by the USA to keep Israel from launching its own preventive military attack against the nuclear plant.

To test the capabilities of The Bug computer worm, which was later identified in the media as Stuxnet, the USA secretly built a replica of the Natanz computer system, right down to similar centrifuges recovered from a plant abandoned by Colonel Kaddafi and Libya’s nuclear program.

These tests demonstrated the capabilities of The Bug in slowing down and accelerating the speed of the centrifuges to damage them. The malware was introduced by spies in Natanz through infected USB memory sticks left around the site, which then provided physical access to the computer system.

The New York Times goes on to write that more sophisticated infection methods were developed, with the first attacks conducted in 2008. Iranian engineers apparently didn’t even realize that their computer system was compromised.

When the Obama administration took over from the Bush administration, a decision was taken to continue with the Olympic Games program. Attacks then continued, but in the summer of 2010 a problem was encountered.

An error in the code of a new variant of The Bug was behind the spread of the worm outside of Natanz systems, leading to the infection of computers around the world. This malware was never supposed to leave Natanz’s machines.

The game was up when the worm’s code made its way onto an engineer’s computer when he was connecting to Natanz’s centrifuges. He then connected to the Internet with the same computer. Due to the bug, the malware wasn’t able to detect that the environment had changed.

As soon as the Stuxnet worm was made public by security companies, operation Olympic Games was lost. Other centrifuges have also fallen victim to a new version of The Bug.

David E. Sanger states that he has obtained information from officials previously involved in the operations, but who of course want to keep their anonymity. Now that this is out, others suspect something similar occurred with Flame.
