Stuxnet Virus Created by US and Israel to Stop Iran's Nuclear Program

By | Jun 15, 2012

There has been speculation that the Stuxnet virus was created by the United States or Israel. After an 18-month investigation and several interviews with American, European, and Israeli officials, it seems that the rumors were true. The virus was created in a joint effort with the U.S. and Israel, during the Bush administration.

The virus, codenamed Olympic Games, was passed from President Bush to President Obama. Obama knew about each attack made against the Iranian nuclear program, deciding this was a good alternative to a physical war. By bringing the Israelis into the program, it allowed them to see there was an effort made to stop a threat to their country. The U.S. also needed Israel's resources to get the virus into the enrichment sites at Natanz. This also helped to stop a physical confrontation in the Middle East.

The utilization of cyber weapons against a foe is the equivalent of the use of the atom bomb in the last century. Obama's concern, much like Truman's was that eventually the technology will come back to haunt us. We may create a program of this magnitude to attack the enemy, but eventually, we will have to defend ourselves from the same technology we have unleashed.

The first major successful attacks started in 2008, causing the Iranian centrifuges to spin out of control. The Iranians immediately took action by blaming their parts suppliers and firing who they thought were incompetent employees. Iran had to shut down hundreds of machines and still had no clue was causing the problems.

This was due to the brilliance of the virus. It would not continually perform the same actions. It would attack areas, stop for a period of time, then attack a different area. This back-and-forth momentum caused the government to doubt themselves and their project. In the end, Obama's administration figured Iran lost 18 to 24 months of up-time trying to figure out what they had done wrong.

Then in 2010, the virus escaped after an upgrade was applied to it. The virus was downloaded onto an engineer's computer and didn't detect a change in environment. It then began to replicate itself and started to spread across other computers, and eventually, it accessed the Internet. Why the virus lost control is unknown. Some government officials believe a patch installed by Israel caused the leak in an effort to do more damage across Iran.

The New York Times reports that the Stuxnet virus was also considered for use against North Korea, China, and Syria, but Obama is standing still on releasing too many viruses into too many countries at the same time.

Now the Flame virus has been found, also primarily in Iran. The U.S. government will give no comment about the situation, and Israel has only stated that they have the technology to perform such an action, especially against targets they feel are a threat to their national security.

As more of these government viruses travel around the globe, more hackers will find ways to utilize the technology. Before long, they will create replicas and use them against small, midsize, and large businesses. The reports of how the Stuxnet and Flame viruses get into computer systems, how they work intermittently, and the importance of causing separate minor attacks to other areas of the system to throw off IT professionals is enough information to prepare the next generation of hackers.

IT professionals working for midsize businesses are in a unique situation. Their companies are small enough to fly under the hacker radar, but this may soon create a problem. Larger companies are investing more money into the security of their networks. This will force hackers to upgrade their hacking skills or go after smaller fish. Midsize companies are typically easier to hack into and still large enough to make a profit from. IT at midsize business should upgrade their security as if they were a larger business to defend themselves against the lazy, but still bothersome, hackers.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

IBM Solution Midsize Business Solutions

IBM and its Business Partners understand your challenges and needs. We've created specific products and solutions designed to help growing companies like yours work more productively and profitably.

Learn More »