Kim Zetter

Stuxnet and the Launch of the World’s First Digital Weapon

Kim Zetter is an award winning journalist and author who covers cybersecurity, cybercrime, cyber warfare, privacy and civil liberties. Since 2003 she has been a staff reporter for Wired. Zettter was a finalist for an Investigative Reporters and Editors award in 2005 for a series of articles she wrote about the security problems with electronic voting machines and the controversial companies that make them. In 2006 she broke a story for Salon about a secret NSA room at an AT&T facility in Missouri that was believed to be siphoning internet data from the telecom’s network operations center. She wrote a groundbreaking three-part story for Wired in 2007 on the cybercriminal underground, which exposed the world of online carding markets and the players behind them. In 2010, she and a Wired colleague broke the story about the arrest of Bradley Manning, the former Army intelligence analyst accused of leaking millions of classified U.S. government documents to WikiLeaks. In 2011, she wrote an extensive feature about Stuxnet, a sophisticated digital weapon that was launched by the U.S. and Israel to sabotage Iran’s uranium enrichment program. It was the first virus-worm found in the wild that was designed to cause physical destruction, rather than simply steal data.

Zetter will be speaking about her upcoming book, Countdown to Zero Day, which tells the story of Stuxnet and the consequences it has brought.

About this Lecture

In June 2010, a small security firm in Belarus discovered a computer worm that infected computers in Iran and caused them to crash. The worm used an ingenious zero-day exploit to spread, but other than this it appeared to be generic malware designed for corporate espionage. But as digital detectives dug through the code and began to reverse-engineer its commands, they soon discovered it was much more sophisticated than previously believed and had a much more insidious goal— to physically sabotage equipment used in Iran’s nuclear program.

Stuxnet, as the malicious program was dubbed, was a landmark attack since it was the first cyberweapon ever discovered in the wild and was the first case of digital code being used for physical destruction. This presentation focuses on how Stuxnet was designed and unleashed on computers in Iran, what made it so unique and sophisticated and why critical infrastructure systems in the U.S. and elsewhere are now at risk of ‘blowback’ and copycat attacks thanks to the authors of Stuxnet.

Helpful Links

How Digital Detectives Deciphered Stuxnet
Zetter’s in-depth article on the Stuxnet virus in Wired
11 July 2011

Stuxnet Computer Worm
An overview of Stuxnet presented on CBS 60 Minutes
04 June 2011

Cracking the Code
PBS Need to Know report on Stuxnet
20 May 2011