Stuxnet, the complex computer worm that nearly crippled Iran’s still-functioning nuclear program, didn’t just sprout from the ether. It was created, by Man, and was probably tested in Israel at the massive (and oft-unacknowledged) Dimona nuclear facility.
Previously, Dimona was the centre of Israel’s super secret nuclear arms program. Located in the Negev desert, it has never been acknowledged as anything but a—well, anything really, but conventional wisdom says the arms and fuel are there.
Today, however, Dimona is also being labelled as the front in the burgeoning “cyber war.” According to experts in a piece over at the New York Times, in amongst the actual nukes and nuke fuel at Dimona is a mock nuclear bomb testing ground that’s nearly identical to Natanz, Iran’s uranium enrichment facility.
One Smart Worm
Like Danny Ocean and his band of Las Vegas-robbing companions, Israeli (and U.S.) scientists and hackers allegedly used this mock facility to perfect the Stuxnet computer worm and then deploy it within the real deal over in Iran. And deploy it they did, with the effects, speaking of Ocean’s Eleven, playing out just like a movie:
The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.
It would appear as though the practice made perfect, as the now well-known Stuxnet attack—initially launched in 2009—appears to have set the Iranian nuke program back “several years,” say officials like Sec. of State Hillary Clinton. Israel, for its part, believes the wounded Iranian nuke program will not bear the country any destructive fruit before 2015.
It should be noted that the U.S. and Israel have never officially acknowledged any involvement with the worm’s development. They won’t even talk about it in the general sense! This fact, unsurprisingly, has not stopped the Iranians from claiming the worm smelled strangely of the Pentagon.
Not Too Many Cooks In the Kitchen
That the Stuxnet worm was tested in Dimona does not mean its development was confined to just the dry Negev desert. Indeed, once cybersecurity experts got their hands on Stuxnet code, they found it bore the mark of authors from several countries and major corporations.
Seimens, for example, was looped into the discussion early on. Before Stuxnet was a household name in security circles, the Germany-based company cooperated with the U.S. Idaho National Laboratory on a number of security-related activities involving their industrial-level computer controllers. These are the same controllers, mind you, that currently sit crunching numbers and controlling uranium centrifuges in Iran.
Seimens claimed the Idaho program was routine, and that it was cooperating with the U.S. as part of an effort to secure its products from “well-hidden holes” in Seimens systems. These holes, coincidentally, were some of the same ones exploited by Stuxnet the following year.
The NYT article is a fascinating (and quick) read, and I encourage you slip over there today to check it out. There is a bloodless war going on out there today, and it’s one that is eons ahead of any blue screen of death-creating adware currently plaguing your Windows machine. Targeted strikes. Custom code hit jobs. International movie-like scripts being written in real-time. Cyberwarfare is certainly here, isn’t it? [NYT]