What is Stuxnet?

July 18, 2012

In 2010, a new computer worm aimed Iran’s nuclear facilities generated a flurry of media attention. There are new worms appearing everyday — why did Stuxnet generate so much attention? Stuxnet was designed for sabotage — pure and simple. This sophisticated worm disrupted centrifuges and turbines at Iran’s nuclear enrichment facility by controlling its programmable logic controllers (PLCs), computers used to control the automation of mechanical processes. Since then, more advanced variants of Stuxnet have been reported around the globe.

The Threat Evolves
More recently, an apparent descendant of Stuxnet called Duqu has appeared in energy facilities in at least eight countries. It may be an updated version of Stuxnet created by the same author or perhaps a different author used Stuxnet’s source code to create Duqu. Although Duqu has not been used in any actual attacks to date — it is capable of doing damage. The goal of Duqu appears to be probing for sensitive information and weaknesses that could be exploited in future attacks.

Extortion is the most prevalent cyberthreat reported by the global energy sector. Criminals gain access to a utility’s system, demonstrate that they are capable of doing damage, and then demand a ransom. And the sums of money paid out are equally staggering — hundreds of millions, by some estimates.