More than a decade ago, the world discovered a new type of weapon. I had no eyes or soldiers. Only lines of code. It was called Stuxnet and was able to sabotage an Iranian nuclear complex without internet connection. A computer worm that destroyed centrifuging designed to enrich uranium. Without alerts. No explosions. Without anyone knowing, at first, what was happening.
All that we tell in our New Xataka episode presentsAvailable in the Xataka YouTube channel. Our partner Jota García, who reconstructs step by step how an operation of this caliber is told. The story starts in Natanz, an underground installation, hidden under tons of concrete in full Iranian desert. “From the outside it seems not special (…) but underground, thousands of centrifuging work work in full performance,” he says.
Who decided to act? And why wasn’t a direct military intervention chosen? Apparently, with Iraq’s precedent, that road was ruled out by the country that wanted to stop this Iranian project. The alternative was Develop malware With a concrete mission: destroy without being seen. “And if instead of attacking with soldiers, we attack a computer virus?” Jota says.
The trick? Infiltrate a simple pendrive in a completely isolated network. Once inside, the worm camouflaged. I watched. I expected. And only if I found the right industrial controllers, I went to action. “He didn’t attack immediately. He moved silently, analyzing everything around him.” Thus he managed to sabotage about a thousand centrifugators without the technicians being able to explain what he was failing.
But there was an error. Malware spread out of Iran and ended up arriving in the West. What happened then? Who discovered the code? And what did they find inside?
In the video we review how an investigation of The New York Times connected Stuxnet with the NSA, the CIA and the Mossad. Also the clues that analysts found in malware. “Stuxnet exploded four 0-Day vulnerabilities at the same time. An irrefutable proof that there was not a group of normal hackers.”
Since then, nothing has been the same. Stuxnet was the first great digital attack with physical consequences. “Stuxnet was the first notice. The first great warning that the next wars can be invisible. ”
Today, security threats are still present. We see them in hospitals paralyzed by Ransomware, sabotaged pipelines, In bank malware that empties accounts. Even USB pendrives remain a real threat in many organizations.
Did you know this story? To what extent do you think We are protected today? We invite you to give the play in our video and leave your comments.
Images | Xataka
GIPHY App Key not set. Please check settings