The attack was so sophisticated that experts likened it to an F-35 fighter showing up over a World War I battlefield. Later leaks presumably orchestrated by the Obama administration revealed that Stuxnet was the product of a joint U.S.-Israeli operation initiated under the direction of President George W. Bush.
A new book reveals details about how the Stuxnet application penetrated Iranian enrichment facilities.
The Stuxnet computer worm that attacked Iran's nuclear development program was first seeded to a handful of carefully selected targets before finally taking hold in uranium enrichment facilities, according to a book published Tuesday.
The new account, included in Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Wired reporter Kim Zetter, is at odds with the now-popular narrative that the malware first penetrated Iran's Natanz enrichment facility and later unexpectedly broke loose to infect hundreds of thousands of other sites across the globe. That earlier account, provided by New York Times journalist David Sanger, characterized the escape outside of Natanz as a programming error that was never intended by engineers in the US and Israel, the two countries Sanger and Zetter said devised and unleashed Stuxnet. According to Zetter, the world's first known cyber weapon first infected Iranian companies with close ties to Iranian nuclear facilities and only later found its way to Natanz.
"To get their weapon into the plant, the attackers launched an offensive against four companies," Zetter wrote. "All of the companies were involved in industrial control processing of some sort, either manufacturing products or assembling components or installing industrial control systems. They were likely chosen because they had some connection to Natanz as contractors and provided a gateway through which to pass Stuxnet to Natanz through infected employees."
Zetter's book, which Wired previewed last week, is the first published account to name the early Stuxnet victims. They were Foolad Technic Engineering Co., an Iranian maker of automated industrial systems used mostly for steel and power; industrial control system developer Behpajooh Co. Elec & Comp. Engineering; Neda Industrial Group, a company accused of supplying military equipment to Iran; and Control Gostar Jahed, another industrial control systems supplier. A blog post published by security firm Kaspersky Lab to coincide with Tuesday's publication of Zetter's book named a fifth likely "Patient Zero" of Stuxnet, Kala Electric, believed to be the main manufacturer of the Iranian uranium enrichment centrifuges.
For those interested, in 2010 I created an illustrated guide to Stuxnet that describes the power and sophistication of the cyber-weapon.
Hat tip: BadBlue Tech News.