The government of Iran says a new nuclear plant will open on schedule in October. This despite an infection from a computer worm called Stuxnet. Like all computer worms, it gets into a computer secretly and is programmed to cause damage to the computer and any network that may be connected.
But Stuxnet is a different beast than we've seen before. Most of the time, a worm goes after digital information. It might steal credit card data or other personal material, sometimes it just messes with you as a kind of joke. Stuxnet, however, is pointed toward software that controls infrastructure. Stuff like the speed at which turbines spin, the heating and cooling of equipment, the warning system in case something starts to go wrong. Imagine that at a nuclear power plant.
The challenge of getting to the bottom of Stuxnet and how to deal with it is that Stuxnet is built to be anonymous. And it's built really well. According to Gerry Eagan from Symantec, whom we talk to in this program, the level of sophistication is way too high to be the work of even a very gifted hacker. He says this is clearly the work of an advanced team of people.
Speculation abounds that perhaps Israel or the United States, neither a great fan of Iran, is behind Stuxnet. But Kim Zetter from Wired.com reminds us that there is no proof that this is the case. She also points out that the specific model of controller that Stuxnet targets, a model made by Siemens, has a hard coded password that cannot be changed by the user. And that password has already been published on the internet.
“I think the best compliment I can give is not to say how much your programs have taught me (a ton), but how much Marketplace has motivated me to go out and teach myself.” – Michael in Arlington, VABEFORE YOU GO