MIT Technology Review



Stuxnet went far beyond shutting down or disrupting operations. After infecting Siemens-made control systems, it sent out instructions that would damage delicate centrifuges, in which bomb- or reactor-grade uranium is separated from naturally occurring uranium. In a Hollywood touch, the worm also displayed normal information on computer screens so that human operators wouldn’t notice the attacks.

Stuxnet is widely regarded as the most sophisticated piece of malicious software ever created. Earlier this year, the New York Times reported that Stuxnet was tested by Israeli agents on centrifuges at an Israeli site, and pointed to this and other clues that Stuxnet may have been “designed as an American-Israeli project to sabotage the Iranian program.”

But much is not known. “We don’t know what it’s for. The initial speculation is that it was a precursor to the next Stuxnet, but we don’t know anything,” says Bruce Schneier, a cryptologist and security expert. “It is what it is. We don’t know.”

Duqu creates a kind of “back door” that can receive commands from, and deliver information to, a so-called command-and-control server somewhere in India. (That server is not known to have sent out instructions, Symantec says.) The company says the back door stays open for only 36 days, and then the malware deletes itself.

Symantec says its researchers—after sending out a detection tool following the discovery of the code in Europe—have found Duqu on industrial computers “around the globe.” Like Stuxnet, which infected thousands of computers in 155 countries last year, Duqu got aboard victim computers by means of a stolen digital certificate—a cryptographic code that authenticates a piece of software on a target machine. “On the whole, this underscores the critical importance of cyberspace security policy and practices, national, regionally, and internationally,” Deibert says.


Credit: DigitalGlobe

Tagged: Computing, Web, malware, virus, Iran, espionage, cyberwar
