The threat potential of Stuxnet-like malware hitting and crippling industrial plants and utilities is very high for India
In February 2010, when International Atomic Energy Agency (IAEA) inspectors were busy preparing the quarterly report on Iran’s nuclear program, they started registering a strange problem. The country had pulled the plug on about 1,000 of the 8,692 installed centrifuges at its Natanz plant.
According to a December 23, 2010 report released by the Institute for Science and International Security (ISIS), while Iran’s centrifuges are known to break and to be replaced frequently, the pace of breakage in February 2010 exceeded expectations and occurred during an extended period of relatively poor centrifuge performance.
By mid-November, Iran was forced to temporarily halt the enrichment process at Natanz due to widespread fluctuations in centrifuge operations, the ISIS report reveals.
While the country continued to avoid talking about the issue throughout 2010, the severity of the problem compelled the Iranian President Mahmoud Ahmadinejad by the end of November 2010 to admit that a computer virus had indeed caused problems with the controller handling the centrifuges at its Natanz facilities. This was Stuxnet, the new cyber weapon that goes beyond cyber espionage and denial-of-service type of attacks against Web services and has the capability to cause real-world damage to physical assets.
Stuxnet is a computer worm that is believed to be specifically written to attack Supervisory Control and Data Acquisition (SCADA) systems used to control and monitor industrial processes. Worse, it also has the capability to reprogram the programmable logic controller rootkit.
Imagine the potential damage that perpetrators of malware like Stuxnet can cause by remotely taking over industrial operations and by making machinery open or close a valve of gas or water lines, increase or disrupt power supply to a particular grid, or cause a blast at a nuclear power plant, undetected by the plant’s operators because the virus manipulates the reporting dashboard to show that instructions are being followed.
Strangely enough, while many countries are pursuing Critical Infrastructure Protection (CIP) initiatives, with the US leading the pack with the proposed National Centre for Cybersecurity and Communications, or N Triple C, within the Department of Homeland Security, India is yet to wake up to the perils of the lack of it.
While sources suggest that Indian Computer Emergency Response Team (ICERT) had recently held a meeting of all critical infrastructure stakeholders in the country, the country’s National Disaster Management Authority (NDMA) and its constituents—the National Disaster Response Force, National Disaster Mitigation Resource Centres, and National Institute of Disaster Management—are yet to be roped in.
All this despite the fact that India is one of the top three countries infected by something that The Christian Science Monitor calls the world’s first known ‘cyber missile.’ The country also needs to remember that Stuxnet is possibly just the first highly visible sign of cyber warfare and as security firm Symantec warns, India, and the rest of the world, should be ready for additional attacks targeting critical infrastructure in 2011.