Arik Hesseldahl

Recent Posts by Arik Hesseldahl

CBS’s “60 Minutes” Casts Its Eye on Stuxnet Worm

It has been almost two years since the infamous and mysterious computer worm known as Stuxnet was first detected by a team of researchers in Belarus.

Opinions on this vary, but the worm that is said to have caused explosions at certain nuclear installations in Iran is thought to have set that country’s alleged nuclear energy and weapons ambitions back by as much as two years.

The fascination persists. Although no one has ever taken official responsibility for it — the leading suspects in its creation are Israel and the U.S., acting together or independently — Stuxnet is widely considered to have been the most successful and innovative weapon of digital warfare ever seen.

And though numerous media accounts have, with the help of anonymous sources, filled in some of the narrative around its development, the subject of the covert cyber campaign against the Iranian nuclear program has generally remained outside the attention envelope of mainstream TV audiences.

That will change Sunday night when CBS’s popular television news documentary show “60 Minutes” turns its attention on Stuxnet, and the concept of offensive cyberwar generally.

If you’re not familiar with the particulars of Stuxnet, here’s a brief explanation: It’s a sophisticated worm that experts say required several months and millions of dollars to design. Via long-since-patched vulnerabilities in Microsoft Windows, it is designed to burrow its way into specialized industrial computers called programmable logic controllers, made by the German industrial company Siemens. These PLCs sit between conventional computers and industrial machinery like factory equipment, generators and centrifuges used to create nuclear fuel. PLCs and systems like them are widely used and, in many cases, not well secured, in part because they were never designed to be connected to the Internet.

(I first wrote about it at my last job in 2010 in stories found here and here.)

The story goes that the worm was first introduced to Iran via infected flash drives that were dropped around the outside of certain targeted facilities. The worm was carefully programmed to target a specific installation and to remain inert until it found its target. When it did, it seized control of some 1,000 Iranian nuclear centrifuges at Natanz, about 200 miles south of Tehran. While displaying seemingly normal operating conditions to workers there, the centrifuges were forced to spin out of control and effectively destroy themselves.

In a preview video released today (embedded below), “60 Minutes” correspondent Steve Kroft appears to get a tour of the U.S. Cyber Command, the military nerve center for U.S. cyberwar operations. And, in what’s likely to be considered a not-so-subtle message in certain circles, as you see Kroft getting his tour, it’s hard not to notice the screen behind him. Plus, his host shows a Google Maps image of Iran with lots of orange dots on it.

The report, for which CBS presumably got a lot of cooperation from the Pentagon, comes not long after the Obama Administration officially declared cyberspace as a theater of war. That means, the military can conduct both defensive and offensive operations, and that an attack on certain computer systems by other countries or terrorists is essentially equivalent to an attack against U.S. territory, property and people.

It’s not the first time that “60 Minutes” has tackled the subject of cyberwar. In 2009, it first introduced TV viewers to the concept of using digital weapons to seize control of industrial infrastructure in order to sabotage it, including some once-classified footage of a test at the Idaho National Lab where a generator was destroyed using nothing more than computer code (although the same report contains references to a 2007 power outage in Brazil which Wired has said wasn’t caused by digital saboteurs after all, though CBS has said it stands by its reporting.) Aside from that, CBS’s older report serves as something of a lead-up to tomorrow’s story on Stuxnet.

It will be interesting to see if “60 Minutes” has unearthed anything new on Stuxnet that fills in more of the picture surrounding its development and use. Neither the U.S. nor Israel has ever acknowledged any involvement in its creation or use. But Israeli officials have occasionally been described as “breaking into broad smiles” when asked about the subject. It will also be interesting to see if the program asks any important questions about the state of cyberwar post-Stuxnet. It’s pretty safe to assume that other parties have learned as much as they can about how it was created and how another worm like it might be created again.

What’s impossible to guess is where the next target is.

Update: I added a link above to a Wired story that disputed some of CBS’s reporting on the 2007 Brazilian blackout. In short, Wired says the real cause of that blackout was poor maintenance and not an attack by hackers, although CBS has said it stands by its reporting on that subject.

Here’s the short preview of tomorrow’s “60 Minutes” report.

Latest Video

View all videos »

Search »

There’s a lot of attention and PR around Marissa, but their product lineup just kind of blows.

— Om Malik on Bloomberg TV, talking about Yahoo, the September issue of Vogue Magazine, and our overdependence on Google