 Stuxnet Stuxnet Stuxnet the Stuxnet superworm That's targeted Iran's nuclear program Stuxnet was the first cyber weapon And it was reportedly written by the US and Israel to attack Iran to try and cause centrifuges in their uranium enrichment facilities to explode originally a Computer in Iran crashed and the operator is called in a security company from Belarus That security company sent out an alert to all of the security industry saying hey We found this thing. It's doing something weird. It's worth your while looking at it within a month The computer bug grabbed the attention of Liam Omerku an operations manager for Symantec We looked at this and we could see this is like nothing we've ever seen before There was more resources needed to analyze Stuxnet than any other threat we've ever looked at so we had people Analyzing Stuxnet 24 hours a day for about four months It just blows anything else out of the water normally we can analyze a virus in half an hour Maybe a complex one in a week Stuxnet appeared to be crawling around the world computer by computer Looking for some sort of industrial operation Immediately we saw it was attacking industrial control systems Industrial control systems can turn on a conveyor belt. They can sense temperature. They can shut down a plant They're what make all plants and factories run So the creators of Stuxnet wanted it to be very targeted But the environment that they wanted to get into is not connected to the internet So what the attackers were trying to do is get the contractors to bring in an infected laptop and infected use bee key In order for that to happen They had to actually infect a lot of people because they didn't know which one of these people was going to be the one Who would carry it into the plant. We had about 250,000 infections in the US, Australia, UK, Germany, France, Malaysia India all over the world The worm needed to spread out as much as possible in order for to try and find a path into the uranium enrichment facilities They were prepared to take that risk of being discovered by being more aggressive. That's ultimately the reason why it was found The challenge with Stuxnet is whoever created it spent tens of millions of dollars at least to develop in years Research and the problem is is when we create a cyber weapon. It doesn't explode. It causes its damage But it exists, you know, somebody gets infected They take their laptop off the network and they're gone traveling for a month They come back they connected into the network and suddenly it's spreading all over again even years later We have energy companies coming to us and saying we found this in our environment And we look at it and it's the same Stuxnet that we saw from three years ago So it's actually quite difficult to eradicate it completely. The Iranians caught it figured out what happened Decompiled it and reverse engineered it. Stuxnet opened Pandora's box It showed that these systems can be attacked and actually here's a blueprint of how you can do it So it's as if we've dropped a Atomic bomb that didn't explode with an instruction manual And now people can take that same bomb and throw it over the fence at us So the problem with the proliferation of cyber weapons is that you don't control who gets that Everybody can get them and then we have the situation of mutual use or destruction yet again I want you to just think for a moment about what happens if there's what's called a false flag attack Somebody appears to be attacking from country A. It's actually country B Masquerading as if it's country A and we choose a massive response Against country A the consequences of this could be devastating When you add in the human aspect that you could have millions of people without electricity The car doesn't start the diabetic pump won't work You could have a shutdown of society because there's no water available It could be relatively catastrophic and bring us back to a pre-industrial world for a period of time Securing those systems and making sure that they run that's really a grand challenge People don't realize that behind all these systems those computers and those computers need to be protected