Inside the Team That Cracked the Stuxnet Worm
Shown above: Siemens Simatic S7-300 PLC CPU, similar to one of those targeted by the Stuxnet worm.
In an extremely comprehensive WIRED article, Kim Zetter tells the inside story of how researchers worldwide (primarily working for Symantec) decoded the Stuxnet worm, ultimately figuring out that it was developed to target nuclear centrifuges at a particular site in Iran. For nerds, this is an incredibly engrossing read, full of technical-but-followable detail, as well as a compelling real-life narrative. As many commenters have noted, it reads a bit like a Tom Clancy novel. While many of us have heard something about Stuxnet, this is the article you should read to learn the real story -- grab a sandwich and turn off your email program for a half hour. Here's a snippet:
It should have been no surprise to the researchers, then, when their work drew the attention of government agencies in and outside the United States, that began asking for briefings on their findings. Symantec put together a PowerPoint presentation for the Department of Homeland Security, Defense Department, Department of Energy and FBI to answer their questions. "I joke that they already had all the answers," Chien said. Asked if anyone from the NSA or CIA attended the PowerPoint sessions, he smiled. "If we ever did brief the NSA, we wouldn't know, right?"
The political ramifications of their work took on even starker dimensions when, two weeks after they published their findings on the frequency converters, assassins on motorbikes attacked two Iranian nuclear scientists simultaneously in Tehran. The men were commuting to work on a Monday morning in separate parts of the city when the assassins zipped by their cars and attached bombs to them. [...]
Although the researchers didn't really believe their lives were at risk for exposing Stuxnet, they laughed nervously as they recalled the paranoia and dark humor that crept into their conversations at the time. O Murchu began noticing weird clicking noises on his phone, and one Friday told Chien and Falliere, "If I turn up dead and I committed suicide on Monday, I just want to tell you guys, I'm not suicidal."
The day news of the assassination plots broke, Chien joked to his colleagues that if a motorcycle ever pulled alongside his car, he'd take out the driver with a quick swerve of his wheels. When he left work that day and stopped at the first intersection, he was shaken -- just for a moment -- as he glanced in the rear-view mirror and saw a motorcycle pull up behind him.
Read the rest (it's long) for a thoroughly excellent look at a dramatic story of modern computer security research.
(Photo courtesy of Wikimedia Commons, used under Creative Commons license.)