The Secret War: Stuxnet, Duqu and Flame

The highly complex computer worm called Stuxnet, targeted at sophisticated industrial control systems, was first identified in July of 2010. The arrival of Stuxnet changed everything…as it was a harbinger of the shape of things to come.

Stuxnet sparked international press coverage and exposed to the business community the digital face of cyber espionage, cyber warfare, sabotage and electronic diplomatic sanctions. For industry leaders, it raised the specter of international industrial competition fueled by the theft of proprietary trade secrets, intellectual property, business, government and military secrets, and the potential loss of all the advantages of an advanced technological society.

Stuxnet targeted SCADA (Supervisory Control and Data Acquisition) control systems. SCADA and other legacy control systems have been used for decades in power plants and distribution grids, oil and gas refineries, air traffic and railroad management, pipeline pumping stations, pharmaceutical production, chemical plants, industrial processes, automotive assembly lines, automated food and beverage lines, water treatment plants,  major dams, and many other forms of automation and production.

Stuxnet was likely released a full year before its discovery. It was designed to replicate itself while searching for very specific industrial software applications that run behind Microsoft Windows operating systems.

Stuxnet was followed in 2012 by the discovery of two closely related forms of malware, the Duqu worm and Flame. Duqu searches for information that could be useful in attacking industrial control networks and smuggles password information back to its command and control center. Flame existed several years before being discovered, and can also record Bluetooth communications.