Stuxnet Used an Old Movie Trick to Fool Iran's Nuclear Program

An Iranian technician works at the Uranium Conversion Facility just outside the city of Isfahan, Iran. // Vahid Salemi/AP File Photo

In a fascinating new read, Foreign Policy's Ralph Langer explored the deep history of Stuxnet, the super computer virus jointly authored, allegedly, by American and Israeli intelligence services to attack Iranian nuclear facilities. In doing so, he learned the real story involves not one, but two viruses, including an early, previously unreported version of the virus that relied on the cyber-attack equivalent of the camera trick from the movie Speed.

Langer's impressive three-year investigation into the virus's effects on the Iranian nuclear program shows how it effectively tore the system limb from limb. It reportedly destroyed 1,000 out of 5,000 nuclear centrifuges and, by Langer's estimates, set the program back by two full years. Langer also discovered that a much more complicated and lesser-known gambit than the one we're most familiar with was already being carried out years earlier.

Stuxnet was allegedly jointly created by U.S. and Israeli military forces to infiltrate and then damage Iran's nuclear program from the inside. It became public knowledge after it malfunctioned — or worked a little too well — and infected millions of non-Iranian computers worldwide in the summer of 2010. 

But years before the Stuxnet we know and love went to work, an early variant targeted Iran's Natanz nuclear facility. Natanz employs a complicated, cascading system of safeguards to prevent centrifuges used for uranium enrichment from overheating and malfunctioning in order to overcome the country's outdated and dubious nuclear technology. Stuxnet's genius was in its ability to override those safety systems, by infecting computers that weren't connected to the outside world, and without anyone realizing it was being done until it was too late.

What the very early Stuxnet virus was designed to do is "so far-out, it leads one to wonder whether its creators might have been on drugs," Langer says. But in reality, they may have got the idea from a brilliant 1994 action flick starring Reeves and Sandra Bullock. 

A controller infected with the first Stuxnet variant actually becomes decoupled from physical reality. Legitimate control logic only "sees" what Stuxnet wants it to see. Before the attack sequence executes (which is approximately once per month), the malicious code is kind enough to show operators in the control room the physical reality of the plant floor. But that changes during attack execution.

One of the first things this Stuxnet variant does is take steps to hide its tracks, using a trick straight out of Hollywood. Stuxnet records the cascade protection system's sensor values for a period of 21 seconds. Then it replays those 21 seconds in a constant loop during the execution of the attack. In the control room, all appears to be normal, both to human operators and any software-implemented alarm routines.

If you're too young (or old) to remember Speed, a terrorist installs a bomb on a Los Angeles bus and holds the passengers, including a cop played by Reeves, hostage by watching them through a closed circuit camera. The cops win by intercepting the video feed and replacing it with looped footage of the bus, making it appear to the villain that everything was normal while the hostages escaped unnoticed. There was a big explosion at the end, too.

Anyway, once the Iranian system was blinded to the threat, American hackers remotely messed with the safety systems, routinely destroying Iranian centrifuges through coordinated attacks that would do significant damage without revealing the virus's existence. The version of Stuxnet that came later was much more abrasive, and did more damage in a shorter time. Staying hidden was no longer a goal, Langer posits, because once the damage was done, the creators wanted the world to know what they were capable of in the realm of cyberwarfare. It was time to reveal the secret.
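From the defender's side, the 21-second record-and-replay loop described above leaves a fingerprint: noisy analog readings do not repeat exactly, so a feed whose newest samples recur with a fixed period is suspect. The Python sketch below is an added example, not code from the article or from Langer's analysis; the 1 Hz sample rate, the constructed pressure trace and all function names are assumptions.

```python
import random

def replay_period(samples, min_period=5, max_period=60, repeats=3):
    """Return the shortest period p for which the newest repeats*p samples
    repeat exactly every p samples; None if the tail is not a loop."""
    n = len(samples)
    for p in range(min_period, max_period + 1):
        span = p * repeats
        if span > n:
            break
        tail = samples[n - span:]
        if len(set(tail)) == 1:
            continue  # flat-lined sensor: a different fault, not a replay
        if all(tail[i] == tail[i + p] for i in range(span - p)):
            return p
    return None

def first_alarm(samples, **kw):
    """Feed samples one at a time; return (index, period) of the first alarm."""
    for end in range(1, len(samples) + 1):
        p = replay_period(samples[:end], **kw)
        if p is not None:
            return end - 1, p
    return None

def constructed_feed(live_len=120, loop_len=21, loops=5, seed=1):
    """Constructed 1 Hz pressure trace (not real plant data): noisy live
    readings, then the last loop_len live samples replayed in a loop."""
    rng = random.Random(seed)
    live = [round(100 + rng.gauss(0, 0.5), 4) for _ in range(live_len)]
    return live, live + live[-loop_len:] * loops

if __name__ == "__main__":
    live, feed = constructed_feed()
    print("live only :", first_alarm(live))   # no loop in genuine data
    print("with loop :", first_alarm(feed))   # alarm after two replayed loops
```

The check only works where sensor noise exceeds the quantization step, and it is most useful when run on a measurement path independent of the controller whose readings are in question.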
