For years, cybersecurity hawks have painted grim pictures of a “cyber Pearl Harbor,” when sophisticated hackers will be able to infiltrate and commandeer critical U.S. networks to wreak whatever havoc they choose. Yet for some reason, when the most advanced cyber-espionage malware known was discovered on American systems, the usually indefatigable “tough on cyberterror” crowd was quiet.
The malware was made public in June, when Russian software security firm Kaspersky Lab rocked the information-security community by revealing that a powerful computer worm—similar to the 2010 Stuxnet virus—had been unleashed on computers in America and around the world roughly one year prior. The new malware, called “Duqu 2” for its apparent succession to 2011’s Duqu worm, alarmed info-security professionals with both its unprecedented strength and audacious targets. For months, attackers deployed frighteningly sophisticated espionage technology to secretly spy on all sorts of parties involved (however tenuously) in the ongoing Iranian nuclear negotiations, including government leaders, telecommunication and electrical-equipment companies, and impartial researchers.
Worms like Stuxnet and Duqu are worlds away from the run-of-the-mill “script kiddie” hacks that take Xbox Live offline or deface the USCENTCOM Twitter account. When executed, this elite class of malware allows external entities to expertly enter almost every cranny of even the best-protected networks, capture stored data and live keystrokes, and even assume control of large-scale industrial targets like nuclear reactors, power plants, and air traffic control systems—often leaving virtually no trace of invasion for months. In other words, Stuxnet-like infections provide the technical means to bring about exactly the kinds of “planes falling out of the sky” doomsday scenarios so beloved by cyber-fearmongers.