Showing posts with label Stuxnet computer worms. Show all posts

Friday, May 27, 2011

STUXNET COMPUTER WORM - AN IN-DEPTH LOOK!!

Dear Readers,


In my previous post, I discussed the details about the cyber attack, which was carried out by Israel against Iran. Now in this post, I will make an analysis of this cyber monster. I will also discuss some findings about this computer virus and the opinion of the experts.


Computer Worm (Def)
A 'worm' is a type of computer virus that can reproduce by sending copies of itself to any PC that is connected to the infected machine.


Stuxnet Computer Worms
A computer virus called Stuxnet has been described as the most sophisticated 'worm' ever created and has already infected more than 45,000 networks worldwide. Internet security experts fear that Stuxnet is the first 'worm' specifically created to target real-world infrastructure such as power stations, water plants and even nuclear reactors.


Why a cyber attack instead of air/military strike
In 2009, a year before Stuxnet was discovered, Scott Borg of the United States Cyber-Consequences Unit (US-CCU) suggested that Israel might prefer to mount a cyber attack rather than a military strike.
The project's political origins can be found in the last months of the Bush administration. In January 2009, The New York Times reported that Mr. Bush authorized a covert program to undermine the electrical and computer systems around Natanz, Iran's major enrichment center. President Obama, first briefed on the program even before taking office, sped it up, according to officials familiar with the administration's Iran strategy. So did the Israelis, other officials said. Israel has long been seeking a way to cripple Iran's capability without triggering a war that might follow an overt military strike of the kind they conducted against nuclear facilities in Iraq in 1981 and Syria in 2007.
Three years ago, when Israel still thought its only solution was a military one and approached Mr. Bush for the bunker-busting bombs and other equipment it believed it would need for an air attack, its officials told the White House that such a strike would set back Iran's programs by roughly three years. Its request was turned down.
Now, Mr. Dagan suggests that Israel believes it has gained at least that much time, without mounting the attack. So does the Obama administration.


Experts' opinion and some brief analysis
When cyber security experts get together, they usually talk about such things as the latest techniques in credit card fraud. But the big session at the Virus Bulletin conference in Vancouver, British Columbia, Canada, was about the Stuxnet computer worm. It was arranged by Symantec, whose researchers have been analyzing the computer worm for several weeks.
The Symantec researchers say the Stuxnet worm was designed by a well-funded, well-organized group, perhaps affiliated with a government. They are convinced it was meant to target facilities in Iran. The worm was apparently designed to penetrate and take over the computer controlled system used in nuclear plants in Iran.
It is capable of taking control of key processes and is able to set off a sequence that could cause the entire system to self-destruct, say experts.
David Enim, a senior security researcher at Kaspersky, said what made Stuxnet different from other viruses was its targeted nature.
Though American and Israeli officials refuse to talk about what goes on at Dimona, the operations there, as well as related efforts in the USA, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program.


The worm itself now appears to have included two major components. One was designed to send Iran's nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: the computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to the plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.


Findings of Mr. Langner
No one was more intrigued than Mr. Langner, a former psychologist who runs a small computer security company in a suburb of Hamburg. Eager to design protective software for his clients, he had his employees focus on picking apart the code and running it on a series of Siemens controllers.
He quickly discovered that the worm only kicked into gear when it detected the presence of a specific configuration of controllers, running a set of processes that appear to exist only in a centrifuge plant. "The attackers took great care to make sure that only their designated targets were hit," he said. "Because of the complexity of the attack, the target must be of extremely high value to the attackers. It was a marksman's job."


But as Mr. Langner kept peeling back the layers, he found more --- what he calls the 'dual warhead.' One part of the program is designed to lie dormant for long periods, then speed up the machines so that the spinning rotors in the centrifuges wobble and then destroy themselves. Another part, called a 'man in the middle' in the computer world, sends out those false sensor signals to make the system believe everything is running smoothly. That prevents a safety system from kicking in, which would shut down the plant before it could self-destruct.
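A defender's view of the replayed sensor signals described above, as an added example that is not part of the original post: genuine sensor readings carry noise, so a long stretch of values that repeats an earlier stretch exactly points to played-back data. The function names, window size and telemetry values are assumptions constructed for illustration.

```python
import random


def find_replayed_windows(readings, window=20, decimals=3):
    """Return (earlier_start, later_start) pairs where `window` consecutive
    readings exactly repeat an earlier, non-overlapping stretch."""
    first_seen = {}  # window contents -> index where they first appeared
    hits = []
    for start in range(len(readings) - window + 1):
        chunk = tuple(round(v, decimals) for v in readings[start:start + window])
        # A perfectly flat signal repeats trivially (stuck sensor); that is a
        # separate alarm, so it is skipped here.
        if max(chunk) == min(chunk):
            continue
        earlier = first_seen.setdefault(chunk, start)
        if start - earlier >= window:  # ignore overlapping self-matches
            hits.append((earlier, start))
    return hits


def constructed_telemetry(replay, n=400, seed=7):
    """Constructed sample: noisy rotor-speed readings in arbitrary units.
    With replay=True, samples 300-359 are a copy of samples 100-159, as if
    a recording of normal operation were being played back."""
    rng = random.Random(seed)
    data = [round(1000.0 + rng.gauss(0, 0.5), 3) for _ in range(n)]
    if replay:
        data[300:360] = data[100:160]
    return data


if __name__ == "__main__":
    for label, replay in (("clean", False), ("replayed", True)):
        hits = find_replayed_windows(constructed_telemetry(replay))
        if hits:
            print(f"{label}: {len(hits)} repeated windows, first at "
                  f"sample {hits[0][1]} (copy of sample {hits[0][0]})")
        else:
            print(f"{label}: no repeated windows")
```

A check like this only helps when it runs on readings taken from a path the replaying component does not control, such as an independent sensor or historian.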


"Code analysis makes it clear that the Stuxnet is not about sending a message or providing a concept," Mr. Langner later wrote. "It is about destroying its targets with utmost determination in military style."





A very strange coincidence
Here I will discuss with you people a very strange 'coincidence.' In his analysis, Mr. Langner also wrote that one small section of the code appears designed to send commands to 984 machines linked together. Curiously, when international inspectors visited Natanz in late 2009, they found that the Iranians had taken out of service a total of exactly 984 machines that had been running the previous summer!!! So, ponder upon this point my dear readers.


How Stuxnet computer worm Spreads




How Israel got blue prints of the Iranian centrifuges
"To check out the worm, you have to know the machines," said an American expert on nuclear intelligence. "The reason the worm has been effective is that the Israelis tried it out."


Dear Readers,


Now let's have a look at this important matter. I myself conducted a search about the ways and possibilities by means of which the Israelis were capable of having the exact design of the Iranian centrifuges, because without having an exact idea about the Iranian centrifuges, a successful cyber attack was not possible. Let's have a look at what I found.



In early 2008, the German company Siemens cooperated with one of the USA's premier national laboratories, in Idaho, to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world --- and that American intelligence agencies have identified as key equipment in Iran's enrichment facilities.
Siemens says that program was part of routine efforts to secure its products against cyber attacks. Nonetheless, it gave the Idaho National Laboratory --- which is part of the Energy Department, responsible for America's nuclear arms --- the chance to identify the well hidden holes in the Siemens systems that were exploited the next year by Stuxnet. 

Now let's discuss the machines. In the 1970s, the Dutch designed a tall, thin machine for enriching uranium. The resulting machine was known as the P-1. The P-1 is more than six feet tall. Afterwards Iran, Libya & North Korea got P-1s from the black market. Now here comes the role of the USA. The USA obtained a cache of P-1s after Libya gave up its nuclear program in late 2003, and the machines were sent to the Oak Ridge National Laboratory in Tennessee, another arm of the Energy Department of the USA. Now, was it difficult for the Israelis to gain these machines from here, for the Stuxnet developing & testing?? I leave the answer to my dear readers...!!!

Dear Readers,

I hope that this post will help you to get a clear picture of the Natanz attack & cyber warfare. I tried my best to provide you people all the available info about this cyber weapon. Well, keep me informed with your comments. My next post will be about another untold and shocking story. So wait and watch....!!!!

Thanks for Caring,

Ali Murad

Monday, April 11, 2011

The Fifth Dimension-Cyber Warfare..!!

It was a dark night in the second week of November, 2010. Four men landed on a deserted part of the Iranian coast, by means of a Dolphin class submarine, & vanished from the spot in minutes.
Before anyone came to know, the submarine dived & was out of Iranian waters. This submarine belonged to the Israeli Navy and had been deputed on surveillance of the Iranian coast since 2007. All four men who landed were from 'Mossad'; two of them were from the 'Death Squad' division and the other two were nuclear engineers.
The mission of the 'Death Squad' members was the assassination of two important Iranian officials, & the nuclear engineers were there to guide a sabotage attack on the Natanz nuclear complex of Iran.
Natanz nuclear complex, Iran


In the morning of 29th November, the 'Death Squad' members targeted two key officials of Iran.
Riding a motorbike, one 'Death Squad' member threw a grenade into the car of Dr. Majid Shehriyari (a key scientist of Iran), at the time when he was sitting in his car, leaving for his office. Dr. Majid died on the spot and his wife was critically injured.
Dr. Majid Shehriyari (Late)
Destroyed car of Dr. Majid after the attack


Just moments after this attack on Dr. Majid, a key defense dept. official of Iran, Faridoon Abbassi Dadani, was attacked in exactly the same way. He survived but was critically injured.


Moments after these deadly attacks, the Israeli nuclear engineers transmitted a signal carrying a secret code near the Natanz nuclear complex. After a few minutes, Iranian scientists could be seen running inside & outside the complex facilities. The centrifuge machines of the complex had gone completely out of control. Their motors were rotating too fast. In minutes, 984 machines of the complex were no more. Due to this sabotage attack, the Iranian nuclear program was thrown 3 years back. This was a high tech cyber attack from Israel on Iranian centrifuges, by means of a computer virus named the 'Stuxnet computer worm.' 20% of all the Iranian centrifuges were gone in this attack & obviously, replacement of machinery on such a large scale is not an easy task. It requires a lot of funds and a long period of time.
Space image of Natanz nuclear plant


This attack, which was carried out with the help of the 'Stuxnet computer worm', was the first cyber attack of such sophistication to date. This attack has added a fifth dimension to modern warfare. Before this, wars were fought on land, sea, air & in space. Now this fifth dimension is cyber warfare. The 'Stuxnet computer worm' is the most sophisticated cyber super weapon developed to date. This cyber weapon can be easily used on any machinery controlled by computer.
A point to remember is that the Pentagon has already declared all its digital material a national asset of the USA. Moreover, under the command of General Keith B. Alexander, US Cyber Command is now operational. Some other western countries, including Britain, have also established cyber commands. From these developments, we can easily get an idea about the future warfare scenario.
Everyone knows that Iran initiated its nuclear program in the era of the 'Shah' in 1953, but the government of 'Mehmood Ahmadi Najad' is working on the program with full devotion & determination.
Iranian President Mehmood Ahmadi Najad visiting Natanz nuclear plant
Keeping in mind the security of nuclear facilities, Iran initiated its nuclear program at 16 different locations. All these Iranian nuclear facilities were developed underground. Due to this, it was not an easy task to attack & destroy them.
Iran's nuclear program is not acceptable to western governments, Arab countries, the USA & Israel. Israeli leaders especially have warned a number of times in these words:
" Nuclear Iran is not acceptable at any cost. Iran will be destroyed before becoming a nuclear power." 
In the beginning, Israel urged America to launch an attack on Iran. But due to its involvement in Iraq and Afghanistan, the USA was not in a position to launch a direct attack on Iran. Then Israel imposed tough sanctions on Iran, with the help of the UNO & USA, but these proved to be in vain.
In these conditions, Israel itself decided to launch a direct attack on Iran & work was started on all options, i.e. land, air or sea attack & sabotage. The Israeli air force practiced high tech air attack exercises in June, 2008. These exercises were carried out 870 miles from the Israeli coast, in the Mediterranean Sea. In these exercises, almost every type of aircraft was used. Targeted air attack and air refueling of planes were practiced.
Air refueling of the helicopters during the Israeli exercises


In 2010, in collaboration with the Greek air force, the Israeli air force carried out large scale air exercises on Crete Island. In these exercises F-16I and F-15I bombers & Sea Stallion helicopters were used.
Crete Island, where joint exercises were carried out


But as discussed above, Iranian nuclear facilities are underground; for this reason the MPR-500 (multi-purpose rigid bomb) was developed. This bomb is specially designed to penetrate even double reinforced concrete walls & has the capability to destroy the strongest bunkers.
MPR-500


Besides all these preparations, Israel was focusing especially on a sabotage mission. There was a lot of pressure on American President Obama to destroy the nuclear facilities of Iran, so President Obama arranged a secret policy with Israel against Iran, which was named 'Engage, Sanctions & Sabotage.'
American President Barack Obama


Exactly according to the policy, talks were continued with Iran through different channels. On the other hand, tough sanctions were imposed on Iran with the help of the UNO. Under cover of these two acts, work on the sabotage attack on Iranian centrifuges was continued.
A team of top Israeli scientists and programmers was formed and was given the task of developing a computer virus capable of destroying the Iranian computerized centrifuges. So at Dimona, in the Negev desert of Israel, work on this project was initiated in a heavily guarded facility. First, copies of Iranian centrifuges were developed. These copies were developed to test the virus on them before the actual attack.
Space photograph of Natanz nuclear facility, Iran


After two years of continuous hard work, the Israeli team succeeded in developing the computer virus named the 'Stuxnet computer worm', which has proved to be the most sophisticated cyber weapon to date. After proper testing on the copies of Iranian centrifuges, this cyber weapon was used successfully, resulting in their destruction.
Now, this cyber weapon can be used against any country. With the help of this virus, air defense systems, communication systems & nuclear plants can easily be disabled. No country except the USA & Israel has arrangements to cope with this cyber monster.


Dear readers,
I always try to convey to you people information that seems to me interesting and very little known. In my next post I will give complete details about the Stuxnet computer worm, Inshallah. In my next post you will find detailed answers to the following questions:


1. What is a computer worm?
2. What actually is the Stuxnet computer worm, & how does it work?
3. What are the opinions and findings of international experts about this cyber super weapon?
4. How was this cyber monster developed, and who was involved?
5. By what means did Israel succeed in developing exact copies of the Iranian centrifuges?
6. Who provided Israel with complete information about the Iranian centrifuges?


Thanks for caring,


Ali Murad.