20100922

Cybersabotaging Iran's Nuclear Program

Cyberwarfare is nothing new. People in the know have been tracking hacking attempts and viruses for decades. Markus Hess broke into computers for the KGB in the late '80s, while the Morris worm brought down the internet entirely in 1988. But what's new is that an incredibly sophisticated worm (four zero-day exploits and a P2P communication system) has been infiltrated into specific pieces of hardware, Siemens programmable logic controllers, for unknown ends.

"When Stuxnet finally identifies its target, it makes changes to a piece of Siemens code called Organizational Block 35. This Siemens component monitors critical factory operations -- things that need a response within 100 milliseconds. By messing with Operational Block 35, Stuxnet could easily cause a refinery's centrifuge to malfunction, but it could be used to hit other targets too," Byres said. "The only thing I can say is that it is something designed to go bang," he said.

Most of the infected computers are in Iran, and Siemens controllers are used to run U-235 separating centrifuges. Depending on the sophistication of the attack, Iran's nuclear program could be significantly set back, or, if the finished uranium is undetectably contaminated, even deemed a failure.

This could be the first strategic cyberattack on a specific target, as opposed to tactical network disruption to break through air defenses. But while cyberwarfare is less deadly than kinetic warfare, the entry of sophisticated groups (not going to point fingers at states yet) putting disruptive software on large computer networks is a bad deal. There's too little accountability, and too much of an incentive to try to disrupt the economy of a rival. Sum that over the world, and soon nothing much will work correctly due to ultra-sophisticated hacks.


3 comments:

  1. What I've been reading about this suggests that the attack was indeed organized by a nation-state (not so irrelevant now, perhaps?), and Israel was a prime suspect.

    I'm not sure this is necessarily true. For whatever reason, I'd believe that there exists a group of super-elite hackers out there that _can_ produce malware of this sophistication, and apply their own ethical codes to determine that Iran's uranium refinement centrifuges should be a target of sabotage. But then, maybe I just wish I lived in a Stephenson novel.

    ... plus it just seems super dangerous to suggest to Iran that Israel has been hacking their nuclear program.
  2. irene, 28.9.10

    I'm pretty sure you can't "undetectably contaminate" enriched uranium by changing parameters. All you have to do to detect contamination is to run the stuff through a mass spectrometer that can resolve isotopes, which is something that you probably already do if you're enriching isotopes.
  3. I think it's still possible to contaminate the finished uranium.

    Maybe if they think they're running a calibrated machine that they "know" is extracting the right isotopes, and they don't test until it's too late.

    Or, the mass-spec could be compromised as well? Though that seems implausible.

    Yeah, I agree then: if the engineers are alert, any possible contamination would be detected early.