Welcome to Episode 2 of Terminal Stack’s series, 5 Biggest Hacks Ever! In this post, we explain the Stuxnet attack on Iran’s nuclear facilities and the potential of the Stuxnet worm. So let’s get started…
What is Stuxnet?
Stuxnet is a malicious computer worm that travels on USB sticks and spreads through Microsoft Windows-based computers. First detected in 2010, it is responsible for some of the most destructive hacks of all time. It is widely believed to have been created jointly by the United States of America and Israel to stop Iran from developing nuclear weapons.
The Stuxnet worm targets the Programmable Logic Controllers of electronic circuits, so it poses a great risk to production industries such as power grids, chemical factories and defense equipment.
The Stuxnet worm consists of 3 parts:
- Worm: This is the main payload that executes the attack.
- Link File: This is used for spreading the virus across other devices.
- Rootkit: It hides the virus payload and thus makes it difficult to detect.
When introduced into a device, the worm searches for Siemens Step 7 software. If it can’t find this software, it stays inactive until the software is introduced.
Attack on Iran’s Nuclear Facility:
Stuxnet was used by Israel and the US to destroy around 1,000 centrifuges in Iran’s Natanz nuclear facility between 2009 and 2010 by causing them to burn themselves out.
Below is a report of the Institute of Science and International Security released by WikiLeaks:
“The attacks seem designed to force a change in the centrifuge’s rotor speed, first raising the speed and then lowering it, likely with the intention of inducing excessive vibrations or distortions that would destroy the centrifuge. If its goal was to quickly destroy all the centrifuges in the FEP [Fuel Enrichment Plant], Stuxnet failed. But if the goal was to destroy a more limited number of centrifuges and set back Iran’s progress in operating the FEP, while making detection difficult, it may have succeeded, at least temporarily.”
(Institute of Science and International Security)
The Stuxnet worm travelled to Iran’s nuclear facility on a USB stick and spread to over 200,000 devices, causing physical damage to more than 1,000 machines. It caused considerable damage to Iran’s nuclear facility responsible for nuclear weapon development.
The attack was a great success for the creators of Stuxnet. It is believed that it was a part of the US’ secret cyber arsenal.
Stuxnet demonstrated the amount of damage that can be done by zero-day exploits and the importance of cybersecurity for industries and nuclear facilities.
Aftermath of attack:
Later on, Iran made its nuclear facilities more secure and improved its firewalls to prevent further attacks. It also warned Israel of retaliatory attacks. Iran later faced more such worms, modified versions of Stuxnet that were used to target oil companies. Iran also increased its cyberattack potential and launched multiple attacks on banks in the US.
The US also tried to launch a similar attack against North Korea using worms like Stuxnet, but it was unsuccessful, as North Korea is very secretive and it’s almost impossible to sneak into the country.
Siemens released a security patch for the Stuxnet worm and thus removed this vulnerability from its machines.
That’s it for this episode. We will be back with a new post on Biggest Hacks Ever!