Can a cyber attack program (like Stuxnet) be turned around, 'decoded' or something and used against other targets?
Asked by
YoKoolAid (
2424
)
February 28th, 2013
1. “It was the U.S. who attacked Iran’s nuclear facilities with stuxnet” – is that a fact, or just common belief. Maybe just one of those things that are not on record but *wink wink everyone knows it was the U.S.?
2. Once attacked, the damage is done, could Iran ‘take’ the program and use it against other systems? Does it work like that?
3. Is a cyber attack considered an act of war?
4. a side question you may be able to answer related to this topic, without me having to create another question – did anything significant come of Iran capturing the U.S drone in 2011?
Observing members:
0
Composing members:
0
4 Answers
My understanding is that stuxnet contained code for a programmable logic controller (PLC) that’s part of the target hardware that regulates the uranium centrifuges. This would be very device-specific & not likely to be adapted easily for some other purpose. Not that reverse-engineering the worm/virus didn’t give them ideas of their own…
The Iranians are accused by Mossad and the CIA of doing precisely that. I believe that’s how the whole Stuxnet story broke.
I think Israel also played a part in the Stuxnet operation but no one is going to admit to it officially. Computer viruses are like real viruses you can have immunity to the old ones but new ones can wreak havoc. A cyber attack on a country’s digital infrastructure is a serious thing and should be considered an aggressive act in my view.
1. It has been confirmed that it was a U.S. / Israel collaboration
2. Totally. But as @gasman points out it’s highly specific.
The infiltration code can be reverse-engineered, though, if you have all of it.
There were specific sets of infiltration tools built into Stuxnet that directed it to those specific machines and was equipped to get through the specific defenses in these machines.
So for a low-level attempt to re-use stuxnet off-the-shelf, a cut-and-paste replacement of the target is unlikely to be successful. It would be hit-and-miss that the tools needed to get into the new target are all onboard.
Because stuxnet suits the Iranian centrifuge system, specifically, and we all know it works there, the Iranians could adopt portions of the stuxnet for their software release system.
3. If you can really pin it on a nation-state, then it’s certainly an act of aggression by them. Whether or not that leads to war depends on what both sides want.
Unfortunately, it’s also easy to contend that cyber-attacks are terrorism, and there is a grim and substantial evidence that governments feel entitled to go after terrorists with lethal force where ever they are. The whole response to terrorism sure smacks of war to me, even if they stopped calling it the ‘War on Terror’.
4. They claimed they made a clone not long after they captured it, but I haven’t seen any evidence that it is any more than a shell that superficially looks cable of drone operations. If they use any of the tech I speculate it will be to put a stealth shell on their existing design.
I suspect they will not be able to control drones with satellite communications, either, as the NATO drones are.
Answer this question 
This question is in the General Section. Responses must be helpful and on-topic.
Composing members:
0
