Latest Read: Countdown to Zero Day

Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter is an amazing story. The NSA and Mossad worked to derail the nuclear weapons program of Iran. This begins an amazing story regarding Stuxnet. In the end, this is a wonderful story about imagination.

The history Kim traces is deeper than anyone could first imagine. Think about your favorite spy movie and technology. Countdown to Zero Day is going to shake you up as I found this book difficult to put down.

The International Atomic Energy Agency learned that centrifuges at an enrichment plant in Natanz were failing at an unprecedented rate. The US and Israel were able to deploy Stuxnet to Siemens industrial control systems in Iran.

Zetter opens this story in Belarus. A computer security firm with customers in Iran found what they initially thought was a rootkit. The virus was causing systems to repeatedly crash and reboot. When they could not resolve the issue, they called Sergey Ulasen.

Sergey was able to connect remotely into systems in Iran and, upon analysis, discovered a modified .LNK file. It also had four additional zero-day payloads. The malware attacked every version of Windows, including the latest release, Windows 7. However, they would soon recognize this was a completely new type of malware. By manipulating digital certificates, the malware was able to control physical devices within the nuclear facility.

Specifically, Stuxnet targeted Siemens SIMATIC Step 7 software and SIMATIC WinCC applications. This new type of attack surface is known as supervisory control and data acquisition (SCADA) systems and programmable logic controllers (PLCs).

NSA and Mossad were able, over time, to control and destroy industrial devices used in Iran’s nuclear material production. A fascinating detail is that commands in Stuxnet were adjusted in milliseconds. The timing shows the extremely high level of skill needed. This in effect reduced the amount of material available.

Many will be surprised at the level of imagination and technical sophistication required in the late 1990s to place Stuxnet in production for digital warfare.

Just as you think you understand the story and can exhale, Countdown to Zero Day reveals different strains of Stuxnet. The security community had to address Duqu, Flame and also Triton.

Simply fascinating yet terrifying reading.