nuclear-news

Stuxnet slowing Iran’s nukes, but it’s a mixed blessing

If Stuxnet was responsible for slowing Iran’s nuclear development, then it accomplished over a period of a few months what the United States and its allies have failed to do in years of talks, threats and sanctions. It also achieved that goal without a shot being fired, buying more time for negotiators to try to persuade Iran to stop its bomb-making efforts.

Will the cyber worm turn?,  latimes.com, 23 Jan 2011, Stuxnet reportedly set back Iran’s nuclear program. That’s the good news. But what about threat to us?The tale of the Stuxnet worm is one of those seemingly good-news stories that grows more worrisome over time.

Security experts first became aware of the mysterious Stuxnet malware last summer, but it wasn’t until months later that they agreed on its likely target: Iran’s secretive nuclear weapons program. The worm hid itself benignly in personal computers, spreading (often through USB drives) until it could infect machines made by Siemens that control motors and other industrial equipment. The infected controllers intermittently sent the motors racing, all the while reporting that everything was normal.

Analysts speculate that Stuxnet damaged a sizable percentage of the gas centrifuges at Iran’s well-guarded uranium enrichment facility in Natanz, which relies on Siemens controllers. Iran hasn’t talked in detail about the situation, but U.S. and Israeli officials (who won’t discuss Stuxnet publicly) are no longer projecting that Iran is poised to develop an atomic bomb. Instead, they’ve pushed back their estimates by several years, citing unspecified “technological problems.”
If Stuxnet was responsible for slowing Iran’s nuclear development, then it accomplished over a period of a few months what the United States and its allies have failed to do in years of talks, threats and sanctions. It also achieved that goal without a shot being fired, buying more time for negotiators to try to persuade Iran to stop its bomb-making efforts.

That’s the encouraging side of the story. The other side is that Stuxnet demonstrates heretofore unseen capabilities of cyber attackers, many of whom aren’t playing for our side………….
the United States isn’t positioned well to defend against a weapon of Stuxnet’s caliber. It’s not for lack of trying; over the last year, the Obama administration has activated a “cyber command” at the Defense Department to raise the military’s defenses against intrusion and develop offensive capabilities, and it has improved coordination between the Pentagon’s efforts and the Department of Homeland Security‘s initiative on the civilian response to cyber threats.

But the government’s reach is limited. More than 80% of crucial U.S. infrastructure is in private hands. And while we count on the military to protect that infrastructure against attacks from land, air or sea, it’s up to the owners to defend themselves against attacks from cyberspace……
But the U.S. has done a poor job of making sure that operators of crucial infrastructure stay on top of the changing threats. Although regulatory agencies have laid out best practices for guarding against intrusion, compliance is voluntary and some industry leaders have fiercely resisted efforts to go further.
The Stuxnet worm: the tip of the cyber-war iceberg? – latimes.com

January 23, 2011 - Posted by Christina Macpherson | safety, technology, USA