When the Stuxnet computer virus infected Iran’s nuclear power facilities at the Natanz enrichment plant, it became the world’s first cyber weapon. “It turned out the code had been launched into the wild as early as a year before, in June 2009, and its mysterious creator had updated and refined it over time, releasing three different versions. Notably, one of the virus’s driver files used a valid signed certificate stolen from RealTek Semiconductor, a hardware maker in Taiwan, in order to fool systems into thinking the malware was a trusted program from RealTek.”
What’s the Big Idea?
“Stuxnet required an enormous amount of resources to produce, but its cost-benefit ratio is still in question. While it may have helped set Iran’s program back to a degree, it also altered the landscape of cyberattacks. Stuxnet’s authors mapped a new frontier that other attackers are bound to follow; and the next target for sabotage could easily be a nuclear facility in the United States. No one knows what Stuxnet might have achieved had it never been discovered by VirusBlockAda a year ago. … It appeared the attackers were still developing the code when it was uncovered.”