A worker walks into the control room of the Nuclear Enrichment Plant in Natanz, Iran, carrying a USB drive with the new schedules for running the centrifuges—the oven-sized machines that turn uranium into active forms used by nuclear reactors and nuclear weapons. He flips open the Siemens equipment panel, plugs in the flash drive, and starts the update.
Iran’s nuclear infrastructure has just been hacked.
The operating system is attacked first. A fake system driver tunnels into the outdated Windows installation, allowing a stealth virus known as a rootkit to control any process on the machine and propagate across the network. The intrusion is completely hidden.
Next, the code targets the insecure Siemens software that controls the automation in machines throughout the plant. The database is corrupted and infected. The control room’s monitoring screens still show that all is normal.
The payload finally reaches its target: the centrifuge motors. A regulated motor frequency of exactly 1210 rotations per second is crucial to properly enriching uranium. The virus now runs the motors twice as fast, then nearly shuts them down, then speeds them up again. The control panels still display green lights. The malicious software will soon cause the rotating drums of a thousand centrifuges to spin out of control and break down, while staying completely undetected, causing all uranium enrichment to stop. The plant is taken offline to replace the motors.
This scenario actually happened. A virus called Stuxnet was specially designed—by the Israeli and American governments, as was recently confirmed—to target and disable Iranian nuclear enrichment plants. By the time the virus was discovered in 2011, it had taken six plants in Iran offline, embarrassing the nation. Yet it was so well targeted that no other countries experienced any problems with their Siemens equipment. “The attackers took great care to make sure that only their designated targets were hit,” observed Ralph Langner, a high-profile security researcher who was the first to discover Stuxnet. “It was a marksman’s job.”
Codenamed “Olympic Games,” the virus was intended to stop Iran’s production of nuclear weapon-ready uranium, which it temporarily did (until Iran was able to bulk up security and rebuild its infrastructure).
Iran’s growing nuclear program is still very much a problem; October 11th’s Vice Presidential debate started with the subject. Discussion continued for twenty minutes until Vice President Biden ended, pausing after each word for emphasis, “We will not allow the Iranians to build a nuclear bomb.”
But imagine if a nation instead developed a malicious program designed to destroy everything. That is the difference between a stealth sniper mission and a suicide bomb attack, and the fine line between cyberwarfare and terrorism. A single virus could stop everything from subway trains and hospital operating rooms to airplanes and more nuclear power plants. Our world would grind to a halt.
The U.S. government wants to protect America from this nightmare more than ever. This week, the U.S. House Intelligence Committee deemed Chinese telecoms Huawei and ZTE a “national security risk.” A draft report worried that these huge multinational corporations based in China have ties with the communist regime, and could therefore launch a cyberattack in the U.S. using a hidden backdoor. Ironically, all telecom equipment is made in China, no matter where the company is based. However, it is important to be proactive in preventing a meltdown of our infrastructure.
But hacking is not just some worldwide political duel of one-upmanship reserved for governments or underground rogues. It has become a form of public activism, a way for a knowledgeable programmer to challenge some of the biggest companies in the world. An influential “hacktivist” group called Anonymous has targeted the FBI, the Pentagon, NATO, Sony, Visa, the Swedish and Tunisian governments, and countless others. However, they don’t aim to take down the Internet or create a doomsday virus. Anonymous believes it is a group of global “freedom fighters”: a distributed democratizing force that can morally deface websites, leak documents, and hack servers to push back against censorship and espionage. For example, after several payment companies cancelled their involvement with Wikileaks in 2011,
As this new voice grows on the Internet, most people struggle to decide whether these groups are real threats, true heroes, or outrageous nuisances.
“So what does this news have to do with me?” you may ask. Maybe you think that you have nothing valuable to attack except a Facebook page or email account. But, as our world becomes increasingly reliant on technology for just about everything, a group of hackers could determine the fate of your computer, reputation, career, or bank account.
The time to start securing your future is now—don’t wait till you are compromised. Choose strong passwords, don’t download unknown files, and keep your operating system up-to-date. Security is the enemy of convenience, but preparedness is priceless. Don’t end up like Iran’s nuclear plants.