Experts called Stuxnet a 'wake-up call' when it was identified as a cyberweapon. But even as hackers study it, there is scant evidence US utilities are bolstering their defenses against attack.
A cyberterrorist, foreign nation, or maybe just a hacktivist who wants all Internet information to be free, puts the lights out in a major American city with the click of a mouse button. For weeks.
That may sound like the stuff of a movie script, yet it is precisely the kind of nasty threat posed by Stuxnet, which one year ago emerged as the world's first publicly confirmed example of a digital guided missile. It was built to cross cyberspace, zero in on a real-world computer-controlled target – and physically destroy it.
Garden-variety computer viruses may steal your bank password, but Stuxnet is by design a military-grade cyberweapon – a computer “worm” built by an advanced cyberweapons state. It was designed to seek out and destroy Iran's nuclear-fuel refining centrifuges, and it wrecked at least 1,000 of them. But its implications go much further.
RECOMMENDED: The new cyber arms race
Hackers, cybercriminals, or rogue nations can now download Stuxnet off the Internet and reverse engineer it – using its tricks as a digital template for crafting malicious software attacks that wreck industrial infrastructure, cybersecurity experts say.
Inspired by Stuxnet's success, hackers are now known to be tinkering with Stuxnet code, say experts interviewed for this story. Iran also has Stuxnet now – as do other aspiring cyberweapons nations. Some experts call it a “Pandora's box” now loose on the Internet.
Page 1 of 6