Stuxnet, Malware and Wikileaks: How Cyber Warfare is a Very Real Threat

Gone are the days when an act of war meant dropping bombs, shooting the enemy and marching thousands of troops across borders. Now the battle is taking place online and it is the computer geniuses in their bedrooms, rather than the battle-hardened soldiers in tanks, that are keeping governments awake at night.

Stuxnet is the most sophisticated computer virus known to man. Discovered in June 2010, the virus spreads via a backdoor exploit in Microsoft Windows and targets industrial software made by Siemens in an attempt to sabotage uranium enrichment facilities.

In an interview with the Sunday Times, Ralph Langner, who is the analyst that deciphered Stuxnet, said: "Everybody is going crazy about the offensive capabilities and opportunities it [Stuxnet] gives you. What people don't realise is how easy such attacks are, and that you don't need the resources of a nation state to pull them off."

Where before governments would fear physical attacks on infrastructure - destroyed bridges, attacks on reservoirs - now the threat comes from the internet, where hackers can create malicious code that is able to infiltrate computer systems and take control of machinery.

Stuxnet took control of two types of frequency converters at the Natanz nuclear facilities in Iran; a report from the Institute for Science and International Security (ISIS) in February 2011 said: "These frequency converters in turn drive the motors of IR-1 centrifuges, which control the speed of the centrifuge rotor.

"Once in control, Stuxnet alternatively increases and decreases the speed of the centrifuge rotor. The attacks are short-lived, either 15 or 50 minutes, and recur about every month."

What worries security experts is that Stuxnet is intelligent; it infiltrated the nuclear controllers and instead of replacing existing code, it injected more to work alongside the original commands. The virus was designed so that it could hide any trace of the attack from the Iranian plant's operators until it was too late.

A report from (ISIS) added: "An attack by Stuxnet turns off the converters' warnings and alarms, and sends false data to the operators' computer terminals. As a result, the operators are unlikely to discover what is happening until it is too late

"It is doubtful that any of the plant's safety systems can intervene in time to stop the destruction wrought by this particular attack sequence."

The idea of computer viruses being able to work undiscovered was brought into the spotlight last week, when Wikileaks founder Julian Assange announced that all smartphones - such as the iPhone and BlackBerry devices - can be monitored by surveillance companies. Worse still, Assange believes that all phone calls can be recorded, text messages saved and even the built in cameras can be operated without the owner knowing.

Assange isn't alone, and last week Privacy International founder Simon Davies gave an exclusive interview to the International Business Times UK. Mr Davies stated that teaming up with Wikileaks is just the start and that the next stage is to convince governments globally to introduce laws governing the use of surveillance equipment on civilians.

While the origins of Stuxnet remain unknown - although some claim the U.S. and Iranian governments are responsible - Langer told the Sunday Times that he found the word "Myrtus" buried in the virus' code. Langer believes that this could refer to Queen Esther who, according to the Old Testament, saved the Persian Jews from annihilation by the Haman. In Hebrew Esther's name is Hadassah, which also means myrtle.

In October 2011 a second threat was discovered by security firm Symantec in the form of a worm called Duqu. The new worm is believed to be a "precursor to a future Stuxnet-like attack" and could be used to gather intelligence for a future attack, rather than commit the attack itself.

The BBC reported Symantec's chief technology officer, Greg Day, as saying: "This isn't some hobbyist, it is using bleeding-edge techniques and that generally means it has been created by someone with a specific purpose in mind."

Such acts of cyber warfare are only going to increase in the coming months and years, and governments must act now to protect themselves not just from hobbyists with a statement to make, but also from other countries who look to use worms and malware to cause maximum damage in areas previously unprotected.

Cyber warfare is not limited to the Middle East and America, and Britain should be looking to increase its digital security in the wake of these worms appearing on the radar. Last year the strategic defence and security review said: "Over the last decade the threat to national security and prosperity from cyber-attacks has increased exponentially. We will also work to develop, test and validate the use of cyber capabilities as a potentially more effective and affordable way of achieving our national security objectives."

Back to the present day, and Christopher Goodwin - reporting in the Sunday Times - claims that a new cyber-attack is imminent: "The Israelis now believe the threat is so imminent that they are seriously contemplating a pre-emptive strike against Iran's nuclear weapons facilities."

David Albright, who runs ISIS and formerly led inspections of Iran's nuclear capabilities in the 1990s it reported as saying: "Stuxnet is now a model code for all to copy and modify to attack other industrial targets. Its discovery likely increased the risk of similar cyber-attacks against the United States and its allies."

Ralph Langer likens the threat of cyber warfare to 'opening Pandora's box'. "Nobody knows what the outcome will be," he said. "But we do know they [Stuxnet creators] opened a new chapter in the book of history, with very profound implications, because now we have cyber war for real."