Register for an account

X

Enter your name and email address below.

Your email address is used to log in and will not be shared or sold. Read our privacy policy.

X

Website access code

Enter your access code into the form field below.

If you are a Zinio, Nook, Kindle, Apple, or Google Play subscriber, you can enter your website access code to gain subscriber access. Your website access code is located in the upper right corner of the Table of Contents page of your digital edition.

Technology

Internet Intrigue: China Reroutes the Web, Stuxnet Is Even Scarier

80beatsBy Andrew MosemanNovember 19, 2010 9:50 PM
computerhack.jpg

Newsletter

Sign up for our email newsletter for the latest science news

It was late September when the world got wind of Stuxnet, the complex piece of malware that appeared to specifically target Iranian nuclear sites. Now, analysis of Stuxnet suggests it was almost perfectly designed to corrupt nuclear centrifuges, according to David Albright of the Institute for Science and International Security.

On Wednesday, Mr. Albright and a colleague, Andrea Stricker, released a report saying that when the worm ramped up the frequency of the electrical current supplying the centrifuges, they would spin faster and faster. The worm eventually makes the current hit 1,410 Hertz, or cycles per second — just enough, they reported, to send the centrifuges flying apart. In a spooky flourish, Mr. Albright said in the interview, the worm ends the attack with a command to restore the current to the perfect operating frequency for the centrifuges — which, by that time, would presumably be destroyed. [The New York Times]

Computer experts don't know Stuxnet's origin for sure, though the Times' story

drops a few cryptic hints of Israeli involvement. And further study of the attack shows that although Stuxnet appears calibrated to disrupt centrifuges, it could be easily adapted to seize the reins of other systems.

The widespread interconnection of corporate networks and use of SCADA systems [supervisory control and data acquisition] means that industrial infrastructure is increasingly vulnerable to software attack. Such control systems are used in virtually every industry—food production, vehicle assembly, chemical manufacturing—and are commonly exposed to insecure networks. This leaves them vulnerable to tampering, such as with Stuxnet, as well as intellectual property theft. [Ars Technica]

Elsewhere in computing skulduggery, the big story Wednesday

was the report that for 18 minutes on an April day, 15 percent of the world's Internet traffic mysteriously was rerouted through China.

The report said the move affected data traveling over both the government and military networks of the United States, including information from the Senate, the Army, the Navy, the Marine Corps, the Air Force, the secretary of defense’s office, NASA, the Department of Commerce and the National Oceanic and Atmospheric Administration, as well as from many American companies. The incidents, which were widely reported when they occurred, were never explained, although Chinese engineering managers said that the routing errors were accidental. [The New York Times]

Though reports of China-based cyberattacks

have been increasing, China today denied

any intentional wrongdoing, saying the accusation smacks of "Cold War thinking." Nevertheless, the report should have us worried.

If the rerouting of traffic was in fact intentional, this incident can be filed alongside the Stuxnet worm ... as a new generation of cyber attacks with geo-political implications. Even if neither the China Internet hijacking incident or the Stuxnet worm are truly state-sponsored attacks, they still illustrate what is possible for attackers with the skills and resources to pull it off. [PC World]

Related Content: DISCOVER: 20 Things You Didn’t Know About… Computer Hacking

80beats: Super-Sophisticated Computer Virus Apparently Targeted Iran’s Power Plants

80beats: Massive Spanish Botnet Busted, but Hacker Mastermind Remains Unknown

80beats: “Soupnazi” Hacker Pleads Guilty to Stealing Millions of Credit Card Numbers

80beats: Iran Blocks Gmail; Will Offer Surveillance-Friendly National Email Instead

Image: iStockphoto

2 Free Articles Left

Want it all? Get unlimited access when you subscribe.

Subscribe

Already a subscriber? Register or Log In

Want unlimited access?

Subscribe today and save 70%

Subscribe

Already a subscriber? Register or Log In