John Luke
URWT 1103
Professor Campbell
April 9, 2016
The Advent of War on the Web: The Stuxnet Start
In June of 2009, the realm of cyber space changed drastically. This was the reported date
of the first Stuxnet computer worm attack, which at the start was localized to about 10 machines in
Iran. By September of 2010, these few infections in Iran had spread to over 100,000 personal,
business-level, and governmental computers ("Stuxnet Successor").
This virus spread rapidly from the few isolated computers to the vast 100,000 computers across
Iran because it was looking for a specific target: Iran's Natanz Fuel Enrichment Plant, and in
particular the turbines that functioned to enrich nuclear material. The origin of the virus was
found to be a directed attack from the joint efforts of the United States and Israel in order to
prevent Iran from creating their own nuclear weapons. This attack was an unprecedented event,
being the first major cyber-attack that physically modified the function of real world systems
("Stuxnet Worm"). The attack was not intended to have any casualties, and was utilized by the
United States and Israel in order to try and prevent Iran from crafting their own nuclear weapons.
Specific implications arose from the attack, though, as Ralph Langner, a German control system
security consultant who worked to crack the virus code, described in March of 2011 at his TED
Talks conference how the virus had a generalized attack order, meaning that the code itself
made no evident and specific mention of what it was attacking. Langner's team found that the
virus was designed to disable the safety systems of the facility in order to wear down the
centrifuges enriching nuclear fuel, and bring them to a slow and subtle stop. In the years since
March of 2011, when the truth behind the virus was revealed, Iran has grown in its technological
abilities. In increasing retaliatory measures, Iran has been in the process of a relentless political
assault against America's electronic infrastructure. They have performed viral attacks against
key targets opposed to Iran, such as the Las Vegas Sands casino in February of 2014, due to the
outspoken and arguably aggressive words of its Chief Executive, Sheldon G. Adelson (Sanger and
Perlroth). As a result of the Stuxnet virus, a new arms race has arisen in the form of unseen
weaponry: hidden programs wreaking havoc upon governmental and private enterprise targets.
An unprecedented cyber war is now at its advent, and it is unknown what lengths and
magnitude it will eventually reach. A new and serious field of war has arisen, and as
Langner went on to describe in his TED Talks conference, the western world is at the crux
(Langner).

To understand the implications and repercussions of the virus, and what the results of it
were, a look must be taken at the political standpoints leading up to the attack. For years the
Middle East has been a volatile and dangerous region of the world, and a major concern that
stems from this is the fear that in some way a destructive nation may come to attain weapons of
mass destruction. In the late 2000s Iran began accelerating the development of its nuclear
program, denying any implication that it was an effort to attain nuclear weaponry. Disputes
raged on among world leaders in the effort to glean whether the development of nuclear
materials by the country was for peaceful or aggressive uses. Regardless of the true direction that
Iran wished to take, the United States deepened economic sanctions against the country, which
had been established after the capture of the United States embassy in Tehran in 1979 and had
been functioning in various degrees since that time ("Iran Sanctions"). By increasing the severity
of the sanctions, the United States hoped to get Iran to halt its nuclear development
relatively peacefully (Gladstone).

Soon after the Stuxnet attack, researchers across the world worked to crack what the
virus code specifically described, as well as what its specific target was. In 2010, Ralph
Langner's team began work on deciphering the secrets of the virus. In a TED Talks conference
in March of 2011, he presented his team's findings. He describes how the virus had to be
targeting something of high value, as it was simply ineffectual against an average user's
system. The virus itself did not latch onto or attack a system without particular reason, such as
very specific parameters or purpose being present on the victim system. He stated it was like a lab
rat that didn't want our cheese, sniff but not eat. The virus would examine the system it had
infected, and failing to find its target, it would simply lie dormant. It was clear after
examining the attack code of the virus that it was also created by some form of professionals, and
that these professionals had very explicit knowledge of whatever their target was. Langner's
team then went on to use practical knowledge to narrow down specific locations of high value
(Langner). The majority of infections of the virus were located in Iran, as much as 66% of
infections ("Stuxnet Successor"). Thus, this narrowed down the search to any targets of
high value in Iran, the only ones of relevance at the time being two nuclear facilities: the
first being Natanz, and the other being the Bushehr nuclear power plant. The team then went on
to look into specific features of these locations to see if the code lined up with any real-world
manifestations. This is when they made their breakthrough, as they noticed that the code repeated
the number 164 very frequently, which they later found to correspond to the cascade systems
of the fuel enrichment centrifuges of the Natanz plant. These cascade systems functioned with an
arrangement of 164 centrifuges all working together to enrich nuclear fuel into usable material.
Since the code was seemingly based around this number 164, and the Natanz facility had
suffered major breakdowns in late 2009 and early 2010, which coincided with the infection
period of the virus, it was clear that the facility was the primary target of the virus. With this
realization came the true danger and understanding of the power of Stuxnet. The virus was
designed to slowly break down the function of the centrifuges, all whilst feeding the technicians
and engineers at the facility false data about the activity of the equipment. This essentially
meant, according to Langner, that the virus bypassed the automated safety systems that were
designed to react to catastrophic failure faster than a human would be capable of (Langner). This is
where one of the primary concerns behind this virus arises. Although this virus was created with
the intention of simply bringing the facility to a state of inoperability, another virus of a similar
caliber may not be so modest in its approach. By tampering with the safety systems of the
facility, the virus's use brought about a condition of moral ambiguity.

The main point that Langner intended to make in his speech was that the virus itself was
very generalized in its attack directive, as in it did not explicitly state a specific target in its code.
The only real world connection that was able to be found was the frequent reference to 164,
and even this was well disguised from being a clear answer to what the virus was intended to
attack (Langner). The issue in this is that a similar virus could easily be used to break down the
safety precautions of any number of facilities, and in the end to possibly cause serious harm to
the many workers of the facilities. According to Norton by Symantec's website description of the
Stuxnet virus: "This is the first attack we've seen that allows hackers to manipulate real-world
equipment, which makes it very dangerous" ("Stuxnet Worm"). Now that a virus has been used for
the first time at this level of application, it leaves the door open for others to mimic the action.
Luckily this virus was used in the effort to protect the world from a possible threat of nuclear
weaponry, but this doesn't change the fact that the cyber-attack floodgates have now been
opened. Langner cautioned that the world, and in particular the United States, would do well to
start preparing itself for these possibilities immediately by increasing the capabilities of its
defensive network, and preparing for the very real possibility of large scale cyber-attacks
(Langner). With time having passed between the attack of Stuxnet and today, it becomes appropriate
to take the time to analyze whether the United States did in fact prepare properly. Preliminary
analyses suggest that it has not.

As time passed, the fuming results of this conflict over Stuxnet came out in the form of
extensive efforts by Iran to retaliate for the incursion against the Natanz facility and their nuclear
program at large. With several years to learn from the event, as well as time to amass the
capabilities to take action, Iran upgraded its abilities to perform cyber-attacks. According to the
New York Times article "Iran Is Raising Sophistication and Frequency of Cyberattacks, Study
Says," Iran made a major attack relatively recently in February of 2014 with a political
connotation against the Las Vegas Sands casino after the chief executive Sheldon G. Adelson
suggested that an American nuclear warhead should be expended against Tehran, the capital of
Iran. Adelson likened this to being similar to firing a warhead into an empty desert, as if no one
who mattered would be hurt. Iran came back against this executive by administering an extensive
malware attack, ruining a vast majority of the computers used to run and administer the casino.
The article describes how although Iran has been for all intents and purposes halted in
their nuclear development, they have now attained an outlet of attack in the same manner by
which they were overcome by Stuxnet. From January to March of 2014,
it was reported that there was an increase of about 115% in cyber malware attacks launched by
Iranian internet protocol addresses. This translates into a quantity consisting of over nine
hundred attacks a day by the end of the increase. Although this article goes on to say that Russia
and China are the United States' primary adversaries in the realm of computer combat, it also
connects to the idea of how Iran as a cyber warfare enemy produces a further worrying
atmosphere because of the more pronounced focus on damage that they maintain. Iran went to
the length in an attack on Saudi Aramco, a Saudi Arabian oil company, of wiping out the memory
on around 30,000 computers and replacing the onscreen image with a burning American flag,
presumably for their involvement and agreeable relationship with the United States (Sanger and
Perlroth). This is rather strongly damning evidence of the truth behind
Langner's words at his TED Talks conference. He warned that the West should prepare for a
focus of attacks to be thrown in the direction of the United States, and as of late those attacks
have come full force (Langner). T.A.M.

With many fears and extensive worries being thrown in the direction of cyber-warfare,
and in particular the belligerence being waged between the United States and Iran, it raises the
question of exactly why Iran wants a nuclear program so badly, whether it truly is to create a
nuclear weapon, or whether it really has peaceful intentions. Even with their newfound
capabilities, and renewed efforts to strike out against the United States in cyberspace, it
comes at an extreme cost. The sanctions against Iran take a heavy toll on their economy, and
in all practicality the feared use of a nuclear weapon by Iran would be suicide for
them. Iran has a deep-seated aggression against Israel, but the idea that they would use a weapon
of mass destruction against them is by all means a personal death sentence, as described by Max
Fisher in his Washington Post article (Fisher). Simply put, the rest of the world wouldn't sit and
watch Iran destroy another country. As such their regime would be put to a swift end. So if this
idea of the goal being the attainment of a nuclear weapon were set aside, then why would Iran
suffer through aggressive sanctions and international cyber-attacks for a relatively unneeded
nuclear program? Fisher also gives great insight into the reasoning behind this, stating that Iran
views their program as a symbol of national pride, having it stand as a sign that Iran is a member
of the advanced world. Having a nuclear program would allow Iran to stand as a
competitive sovereign nation (Fisher). This idea would seemingly legitimize Iran's hopes and
endeavors in this area, but unfortunately for them, the fear that their efforts are not so peaceful as
this causes the rest of the world to act with extreme unease about the whole subject.

The fear of a volatile country possibly gaining access to nuclear weapons has been an
ongoing dilemma for several years, and what was hopefully supposed to be a major
deterrent, intended to push Iran to cease pursuit of such a venture, has now
seemingly shaken up the hornet's nest. Stuxnet was created as a precautionary and deterring
weapon, but just as physical weapons create retaliations when used to attack, so did Stuxnet. Due
to the implications of Stuxnet's function and ability to administer false data to engineers, and
physically break the safety systems at the Natanz fuel enrichment plant, the moral validity of the
use of the virus was put into question. The question becomes, is it acceptable to use a virus such
as this to sabotage a mechanism set in place to prevent any sort of detrimental accidents, possibly
being involved with the safety of facility workers? This is a question that has yet to be answered,
but it has absolutely been raised and reacted to. Instead of stopping, Iran was simply delayed
for a time, and now continues to push for being allowed to progress their nuclear program as a
symbol of their national might and pride, while also striking back heavily at the nation that did
the same to them. Stuxnet ended up being the call, and Iran is continuing to answer.
Just as Langner warned in his TED Talks conference, the western world has performed actions
that have led it to become the focus of the world (Langner). Stuxnet was the start of a new age of
cyber warfare, and it has now been proven true that the oncoming assault of cyber-attacks will
only become more extensive from here.

Works Cited
Fisher, Max. "9 questions about Iran's Nuclear program you were too embarrassed to ask." The
Washington Post. The Washington Post, 25 Nov. 2013. Web. 30 April 2016.
Gladstone, Rick. "Iran Suggests Attacks on Computer Systems Came from the U.S. and Israel."
New York Times. New York Times, 25 Dec 2012. Web. 10 April 2016.
"Iran Sanctions." U.S. Department of State. U.S. Department of State. Web. 29 April 2016.
Langner, Ralph. "Cracking Stuxnet, a 21st-Century Cyberweapon." TED. March 2011. Lecture.
10 April 2016.
Sanger, E. David and Perlroth, Nicole. "Iran Is Raising Sophistication and Frequency of
Cyberattacks, Study Says." New York Times. New York Times, 15 April 2015. Web. 10
April 2016.
"Stuxnet Successor Surfaces." TCE: The Chemical Engineer. 2011.845 (2011). Web. 10 April
2016.
"Stuxnet Worm." Norton by Symantec. Norton. Web. 10 April 2016.
