Fourth day of Hackmas: Stuxnet – the virus that didn’t do anything (to computers)
I like this virus because of the incredible story that’s behind it. The fact that it didn’t harm computers is also a good one.
And it contained a little bit of humour just to mess with the end targets.
This one plays out like a spy movie.
In 2010 a worm (type of computer virus) was discovered that didn’t appear to much more than propagate across the internet.
Initial investigations of the worm found that it had genuine digital certificates (that guarantee whether a file is trustworthy or not) from recognised companies and it appeared to be well developed and had a direct objective. Meaning that the worm was able to determine its target, but if it didn’t find its target it just moved on.
Once the worm infected a machine it went about checking the computer for necessary parameters. If it finds the right parameters then it moves onto its next phase.
The difference with Stuxnet is that it was designed not to harm digital systems; it was designed to harm physical equipment. In this case, a specific type of centrifuge found only in Nuclear facilities.
Yep – Stuxnet was designed to cause specific models of centrifuges to stop working. And only a limited number of these models were in use around the world – mostly in Iran.
In the end it took out a quarter of Iran’s centrifuges.
Could this have been prevented?