Top Middle East story of 2010: The Stuxnet virus
From Jerusalem Post:
The results are in: Some 60% of Jpost.com readers voted for the Stuxnet worm as the biggest Middle East story of 2010. In second place, the US pullout from Iraq took 15% of almost 2,000 votes.
As the year 2010 comes to an end, one of its greatest mysteries has yet to be revealed. Did the Stuxnet virus set back Iran’s nuclear program by two years as some computer experts have said or was it just a small glitch in the system, quickly resolved as claimed by Iranian President Mahmoud Ahmadinejad?
What is for sure is that the sophisticated piece of malware which has grabbed the world’s attention is likely just the beginning when it comes to the use of cyberwarfare in global efforts to stop Iran. Some have compared it to the entrance of the airplane or tank into the modern battlefield.
Stuxnet was discovered by a Belarus-based security firm in July. It is, of course, not the first piece of malicious software used to attack an adversary, but its unique ability to takeover control systems of industrial systems and reprogram them had yet to be seen.
It soon became clear that the worm was aimed at Iran and particularly two of its nuclear facilities – the Bushehr reactor and the Natanz uranium enrichment facility, infecting possibly as many as 60,000 computer systems. Some analysts have raised the possibility that Stuxnet was behind the decommissioning of 1,000 centrifuges in the beginning of the year. Others believe that at one point it caused a complete shut down at Natanz.
Some news reports claim that the virus is still infecting Iran’s computer systems which have been blocked off to the outside world, likely in an effort to prevent the revelation of the real extent of the damage.
In November, the International Atomic Energy Agency (IAEA), the United Nation’s nuclear watchdog, said that Iran had suspended work at its nuclear-field production facilities. While the IAEA did not specify the cause for the suspension, Stuxnet was considered a likely culprit.
While widespread speculation has named Israel’s Military Intelligence Unit 8200, known for its advanced Signal Intelligence (SIGINT) capabilities, as the possible creator of the software, Israel has not officially said a word about it. Senior IDF officers have however recently confirmed that Iran was encountering significant technological difficulties with its centrifuges at the Natanz facility.
Some have drawn clues from the code, which consists of 15,000 lines and is described as being as sophisticated as the computer code which is used in cruise missiles. The word “Myrtus” for example appeared in the code, a possible reference to the Hebrew word Hadassah, the birth name of the Queen Esther from the Purim holiday who is buried in Persia. Another supposed clue was the number 19790509 which also appears in the code and might refer to the date "1979 May 09", the day a prominent Persian Jew was executed in Teheran.
Computer experts say though that clues like these are not usually left behind in codes. At the same time, if it was Israel it might have preferred to leave clues that would put the world on the track of different country and not itself. One German expert said that in his opinion the code was likely written by two countries over a period possibly of several years.
David Albright, president of the Institute for Science and International Security, studied the Stuxnet code and discovered that the virus caused the engines in Iran’s IR-1 centrifuges to increase and decrease their speed. In a subsequent report, Albright cited an unnamed government official who claimed that Iran usually ran its motors at 1,007 cycles per second to prevent damage, while Stuxnet seemed to increase the motor speed to 1,064 cycles per second.
Regardless of the extent of the damage, Iran will eventually overcome Stuxnet and purge the malware from its computer systems. This is however likely just the beginning. The shadow war between Israel and Iran will continue.