Stuxnet Could Be Modified to Undermine Nuclear Weapons

Monday, September 12, 2011



Tomer Teller, a security evangelist for Check Point, warned of the likelihood that the Stuxnet virus could be adapted to undermine systems that control nuclear missile arsenals.

Teller made the prediction at a conference in Sydney, Australia last week hosted by Check Point.

"Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and than aim it back at the country’s facility... Stuxnet is the first cyber weapon that could cause major disruption" Teller explained.

Teller indicated he has conducted a detailed analysis of the Stuxnet code, and given the size and complexity of the file, Teller believes it is likely that a successful attack would require utilization of an insider.

“This is a huge file, it’s 1 megabyte [MB] of code and I respect the skill required to engineer that code as it is very complex," Teller said.

The most likely avenue of for the attack, Teller postulated, would be through the use of a tainted USB drive.

“In order to get something trusted by Microsoft, you need to get those exploits signed... What we think happened is that an insider broke into JMicron, a chip manufacturing company based in Taiwan, as there is a computer at that office which is dedicated to signing these Microsoft drivers," Teller said.

Stuxnet was first identified in 2010, and both the New York Times and a German researcher have indicated the source of the malicious code was a joint program administered by the U.S. and Israel.

Stuxnet is a highly sophisticated designer-virus that wreaks havoc with SCADA systems which provide operations control for critical infrastructure and production networks, and leading theories indicate that the malware was probably produced to stifle Iran's nuclear warhead ambitions.

The Stuxnet virus attacks are thought to have caused severe damage to Iranian uranium enrichment facilities and reportedly set back the nation's nuclear program by as much as several years.

"Stuxnet may have been deployed already but we don't know about it because some companies won't disclose breaches," he said.

Iran is still struggling with the aftermath of the Stuxnet virus attacks more than a year after the infestation was discovered. The virus specifically targeted Siemens Programmable Logic Controllers (PLCs) used to control uranium enrichment centrifuges, but could be adapted to target other systems Teller said.


Possibly Related Articles:
Viruses & Malware
Insider Threats malware Defense Attacks Stuxnet Headlines National Security Nuclear
Post Rating I Like this!
Krypt3ia Ugh, ok, this is not a doomsday thing. It would maybe cause a malfunction to ancillary systems that could maybe prevent a launch... Sensationalism..
Anthony M. Freed Since we don't launch nuclear weapons very often, the chance that such an infestation could prevent us from doing so if need be sort of undermines our biggest deterrent and ultimately our national security. Seems like it is worth a look...
Krypt3ia Anthony, please note the word "may" or "maybe" that I used. There are some PLC systems in the silo's but none to my knowledge would be the death knell on a launch. Remember, "redundant systems" are in place.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked