BBC BLOGS - See Also
« Previous | Main | Next »

Daily View: 'Cyberwar' and the Stuxnet computer virus

Clare Spencer | 10:08 UK time, Tuesday, 5 October 2010

Siemens office

The worm searches systems made by Siemens

Commentators discuss the significance of the Stuxnet virus which is reported to have infected more than 30,000 Iranian computers and believed to be the first worm designed to target major infrastructure facilities.

Lee Smith at Weekly Standard gives his theory to why a regime as “opaque and paranoid” as Iran has admitted to suffering any effects at all:


“One reason is that the Iranians’ complaints of sabotage serve to highlight the contention that theirs is a civilian nuclear program - which Tehran’s adversaries are violating international laws in order to subvert. Then there’s simply the fact that the Iranians apparently can’t stop talking about their nuclear program, like a proud first-time father showing off pictures of his child.”

Computer security writer Frank Rieger concludes in his blog that the virus was not made by an amateur:

“It is clear that it has been a team effort, that a very well trained and financed team with lots of experience was needed, and that the ressources needed to be allocated to buy or find the vulnerabilities and develop them into the kind of exceptional zero-days used in the exploit. This is a game for nation state-sized entities, only two handful of governments and maybe as many very large corporate entities could manage and sustain such an effort to the achievment level needed to build stuxnet. As to whom of the capable candidates if could be: this is a trip into the Wilderness of Mirrors.
“... Stuxnet will go down in history as the first example of a new class of malware, that has been engineered to weapons-grade performance with nearly no side-effects and pinpoint accuracy in delivering its sabotage payload.”

Speculation is rife on where the virus came from. In the Telegraph Richard Spencer offers what he sees as a clue that suggests a link to the Middle East:

“When Stuxnet does triumph, it leaves a number imprinted on its new host: 19790509. That number, Mr O Murchu says, seems to be a date - May 9, 1979.
“Many things could have happened on May 9, 1979: it may just be someone's birthday. But newspaper archives also tell us it was the day Habib Elghanian died. Who was Mr Elghanian? He was the first Iranian Jew to be hanged for spying by the new Islamic Republic. And as we all know, revenge is a dish best served cold.”

This indication adds to an earlier inkling of John Markoff and David Sander in the New York Times:

“Deep inside the computer worm that some specialists suspect is aimed at slowing Iran’s race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.”

Kim Zetter of Wired wonders whether apparent clues might be in the code in order to "point suspicion at Israel and away from other possible suspects":

"Or, again, both clues could simply be red herrings.
"[Liam O’Murchu, researcher at Symantec Security Response] said the authors, who were highly skilled and well-funded, were meticulous about not leaving traces in the code that would track back to them. The existence of apparent clues, then, would belie this precision."

Gideon Rachman asks in the Financial Times [registration required] if the answer to a threat of cyberwar is international co-operation and regulation:

“In recent years, the government of Russia has been among the most vocal advocates of new international agreements to regulate cyberspace. China too had spoken up un favour.
"By contrast, the big western powers have been relatively reticent. This may indicate a suspicion of Russian motives, or scepticism about the possibility of effective regulation. Perhaps it also reflects confidence that America remains well ahead of the game in cyberspace, with the most sophisticated research and security capacities. The fact that even Chinese government systems run of pirated software makes them particularly vulnerable.
"For the moment, the western powers probably do still have the upper hand in cyberspace. But one day, the tables may turn. The first we may know of it is when our cashpoints refuse to co-operate, our traffic lights go on the blink and our computers shut down.”

Links in full

Lee Smith | Weekly Standard | Does Stuxnet Mean Cyberwar?
Frank Rieger | Knowledge brings fear | Targeting the Iranian enrichment centrifuges?
Richard Spencer | Telegraph | The first strike by computer?
John Markoff and David Sander | New York Times | In a Computer Worm, a Possible Biblical Clue
Kim Zetter | Wired | New Clues Point to Israel as Author of Blockbuster Worm, Or Not
Gideon Rachman | Financial Times | The undeclared war in cyberspace

More from this blog...

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.