"It can be argued that the time was ripe for history's first cyber weapon, and having it come from China or Russia would have created another unpleasant Sputnik experience," wrote Ralph Langner, the Hamburg, Germany-based cyber security expert in a recent opinion article in the New York Times. "On the other hand it is evident that the United States is not prepared to defend against such sophisticated cyber-physical attacks that they chose to experiment with in the open, with the actual weapon eventually being downloadable from the Internet."
Mr. Langner's discovery that Stuxnet was not just another piece of criminal malware, but was actually the world's first nation state-built cyber super-weapon and apparently targeting Iran's nuclear program, was verified and first published by the Monitor on Sept. 21, 2010.
Ever since, the hunt has been on for who built and unleashed Stuxnet – and the fragments of other digital weapons that keep popping up. That hunt has yielded a drumbeat of surprises. First, has come the discovery of at least two other highly sophisticated cyber espionage systems that also appear to target Iran's nuclear program – and also show clear signs that they are directly related siblings of Stuxnet – and developed by the same source, according to forensic analysis and recent news media reports.
"Whoever was running this operation needed these programs to conduct a large number of highly targeted and clandestine operations against Iran and its allies," says John Bumgarner, a former Army intelligence officer now research director for the US Cyber Consequences Unit, a nonprofit security think tank.