Security: A New Frontier

  In July of 2010, a new virus was discovered in Iran unlike any other the security world had ever seen. This virus, know as Stuxnet, was found on computers located within the Iranian nuclear power infrastructure. What amazed computer security experts was the sophistication and purpose of the virus. It was the first virus known to target and interfere with industrial infrastructure, specifically the nuclear plants in Iran. Symantec released a dossier detailing the methods used by the Stuxnet virus after reverse engineering the virus over a period of six months.
  The initial infection of the networks inside the plant most likely was caused by an infected thumb drive as the internal network is isolated from the internet to maintain compartmentalization and prevent remote hacking attempts. From there, using a set of different vulnerabilities found on the computers in the network, it would spread searching for very specific computers, computers that had a program called Step 7. This software is used in the programming of programmable logic controllers, or PLCs, which interface between a computer and machinery. Stuxnet would remain hidden on the computer until it was connected through Step 7 to a variable-frequency drive, a machine that controls the oscillations of the centrifuges that enriched uranium. These drives need to oscillate at very specific frequencies, Stuxnet would slow and speed up these oscillations to damage or destroy the centrifuge and prevent the uranium from being enriched.
  The Stuxnet virus is relatively harmless for normal computers, only seeking to infect new computers if the computer holds no relevance for its main purpose. The real threat is if Stuxnet becomes a blueprint for new generations of malware. Only time will tell if this is an anomaly in the security world or the beginning of a new era of cyber security.