Download now: Cannabis Cash

Attacks on Iran: The Latest in Cyber Warfare

Dropping Bombs on Iran

Written by Nick Hodge
Posted November 4, 2011

I'm pretty sure Israel has already unilaterally attacked Iran.

Their single bomb was launched in 2009. It was called Stuxnet.

But it wasn't a bomb in the traditional sense. It was a computer worm — one of the most powerful ever built.

And it was built precisely to attack large-scale industrial facilities like power plants, dams, refineries, and water treatment operations... from the inside.

This worm in particular was used to attack a uranium enrichment facility in Natanz, Iran.

The Stuxnet worm crept in, undetected, to a computer component that controlled the rotor speed of the centrifuges and rewrote its code. It caused enough damage to significantly set back Iran's nuclear program, perhaps by years.

Stuxnet was so powerful the global consensus is that a government was behind it.

I'll give you one guess who it was...

Many say the United States helped them.


Some say it was a good thing. Others see what Stuxnet means for the rest of the world.

If a sophisticated computer worm can be designed to silently infiltrate secret enrichment facilities in Iran, it can certainly be duplicated or modified to do so elsewhere — on any number of critical infrastructure components.

Take it from Michael Assante, former chief security officer for the North American Electric Reliability Corporation:

"It's just a matter of time. Stuxnet taught the world what's possible, and honestly it's a blueprint."

The Department of Homeland Security has arranged a new training program to combat such a threat — a threat that's more likely to become a reality than most people realize.


You probably haven't heard of Duqu. I hadn't until just this week.

It's the world's newest and most dangerous computer bug. And it's only been around since late October.

It finds its way in through a Microsoft Word document and exploits a hole in the Windows operating system to spread from computer to computer.

You have Windows, right?

A note on the website of computer security firm Symantec had this to say about it this week:

The installer file is a Microsoft Word document (.doc) that exploits a previously unknown kernel vulnerability that allows code execution. We contacted Microsoft regarding the vulnerability and they're working diligently towards issuing a patch and advisory. When the file is opened, malicious code executes and installs the main Duqu binaries.

What does that mean?

If you open the wrong Word document, you could lose control of your machine.

Six organizations have already reported infection in eight countries.

This week, Reuters called in the “next big cyber threat.”

And what about that Stuxnet-being-a-blueprint talk?

Symantec has also said Duqu shares a source code with Stuxnet. That means the creators of Stuxnet either gave the code away, had it stolen, or also created Duqu...

The scariest part is there is no solution. All you can do is try to avoid getting it.

A recent Homeland Security test pitted Red Team (hackers) against Blue Team (pumping station computer operators), each with their own command center.

Red Team had no problem hacking into Blue Team's network and slowing it down. Then it killed its power, turning out the lights and computer screens, causing Blue Team to fly blind. As Blue Team sat helpless, Red Team overran their entire system, took control, and turned on the pumps.

What if those pumps controlled radioactive waste at a nuclear plant? Or a massive oil pipeline? Or caustic chemicals?

As Blue Team's commander noted during the exercise, “There's nothing we can do. We can only sit here and watch it happen.”


Scarier still, we don't know Duqu's intentions.

Is it meant to infiltrate our grid? Or is it coming after your financial data?

One thing's for sure: We need to be as aware and prepared as possible.

Nothing's worse than fighting an enemy you can't see or understand.

To get complete articles and information, join our newsletter for FREE!

Energy & Capital Members Receive:

Daily commentary and advice from energy investment experts
Access to some of the best oil, gas, and cleantech stock picks around
Foresight on how the future of energy will unfold

Call it like you see it,

Nick Hodge Signature

Nick Hodge
Editor, Energy and Capital

Related Articles

Cyber Terrorism and Grid Security
60 Minutes reported last year that hackers have already disabled critical infrastructure in major cities, disrupted essential services, stolen millions of dollars from banks all over the world, infiltrated defense systems, extorted millions from public companies, and even sabotaged our weapons systems.
Undervalued Indeed
I have a single thesis and continually update you on it: I'm bullish on energy. I think the entire sector (oil, gas, nuclear, renewable, efficiency) is in for immense appreciation as population explodes and resources remain constricted. I don't waiver from that.
America's Growing Cyber-Defenses
As the series of cyber-attacks in Estonia demonstrated this spring, the battles of ones and zeros fought out between hackers and security experts all over the World Wide Web are by and large bloodless affairs.
How to Play the Cyber Security Bull Market
Editor Steve Christ takes a look at our growing reliance on military drones and explains how they are vulnerable to the world's cyber warriors.