There was more to Stuxnet than we ever knew

A new report reveals how the reportedly U.S./Israel-launched worm against Iran's nuclear facility had a "twin"

Published November 20, 2013 4:11PM (EST)

 Iran's Natanz nuclear facility      (Wikimedia/Hovev)
Iran's Natanz nuclear facility (Wikimedia/Hovev)

Stuxnet -- the worm that targeted Iran's nuclear facilities in 2010, allegedly launched by the U.S. and Israel -- was a bigger program dating back three years earlier than was initially thought, a new report suggests.

The in-depth report of "Stuxnet's secret twin" published in Foreign Policy details the origins of the worm's original variant, traced in Iran's nuclear facilities as early as 2007 -- three years before the cyberattack garnered public attention. This variant (the secret, older worm) was, according to the report from cyber-defense consultant Ralph Langner, potentially more powerful and harder to detect than the worm discovered in 2010.

The Stuxnet worm, often symbolic of a geopolitical shift toward cyberwarfare, still remains a highly mysterious program. Langner's report suggests that cyberwarfare, enacted by global superpowers, has for some time been highly sophisticated with the ability to, without detection, attack major infrastructure. As Gizmodo commented on the findings, "Even though the earlier variant of the worm could easily cause the centrifuges to fail, it took a more clandestine approach and set them up to fail at a later date, thereby further evading detection. It's unclear why, years later, the attackers decided to opt for the more brute force tactic."

And as Langner noted:

With Iran's nuclear program back at the center of world debate, it's helpful to understand with more clarity the attempts to digitally sabotage that program. Stuxnet's actual impact on the Iranian nuclear program is unclear, if only for the fact that no information is available on how many controllers were actually infected. Nevertheless, forensic analysis can tell us what the attackers intended to achieve, and how. I've spent the last three years conducting that analysis... What I've found is that the full picture, which includes the first and lesser-known Stuxnet variant, invites a re-evaluation of the attack. It turns out that it was far more dangerous than the cyberweapon that is now lodged in the public's imagination.


By Natasha Lennard

Natasha Lennard is an assistant news editor at Salon, covering non-electoral politics, general news and rabble-rousing. Follow her on Twitter @natashalennard, email nlennard@salon.com.

MORE FROM Natasha Lennard


Related Topics ------------------------------------------

Cyberattack Cyberwar Hacking Infrastructure Iran Israel Natanz Nuclear Facility Ralph Langner Stuxnet Worm