Stuxnet: the first true cyberweapon


As Iran edged closer to obtaining its first nuclear bomb, various powers across the globe grew fearful. When diplomatic efforts failed to hinder the creation of this nuclear weapon, these powers joined forces. The result – the creation of one of the most powerful weapons in the world.

In the middle of the desert, suppressed under a thick layer of concrete, lies one of the most ambitious and secretive projects Iran has ever seen, one guarded by an entire army and isolated from the rest of the world.

This place is Natanz, a top-secret nuclear facility approximately 200 miles from Tehran.

This facility has one goal, one objective: to develop Iran’s very first nuclear bomb.

Serious investments are needed to build a nuclear weapon. You’re talking top nuclear physicists, high-tech facilities, advanced equipment, and a lot of research.

Iran needed some help, so it bought some blueprints from Pakistan, which had already developed and tested its own nuclear bomb.

So, work continued in Natanz, Iran’s largest nuclear facility, where tens of thousands of centrifuges were producing rare weapons-grade uranium.

The bomb was closer than ever before.

Diplomatic delegations denied

With Iran edging closer to developing its own atomic weapons, various powers across the world became anxious.

The United States, Israel, and other countries across the region became tense, fearful of what might happen if Iran developed weapons of this magnitude.

If Iran were to obtain a nuclear weapon, all neighboring countries would do whatever was humanly possible to get their hands on these weapons, too.

That would mean the most volatile region on Earth would turn nuclear.

Furthermore, Israel, an ally of the US and sworn enemy of Iran, saw this development as an existential threat to its security, whereas Iran deemed nuclear weapons integral to its survival.

Initially, negotiations took place where the allies tried to convince Iran to cease all development of the atomic bomb. But no luck.

The powers considered sending bombers to Natanz to destroy the site, but this would only prompt another large-scale conflict in the Middle East.

So, diplomatic efforts to deter Iran’s actions failed, but there was another option.

Originally, it was a temporary solution until a better solution arose, but it eventually evolved into one of the most powerful cyberweapons ever created.

Emergence of “the” cyberweapon

Now, this wasn’t your traditional type of weapon. You may be thinking that to thwart the development of nuclear weapons, you would have to use nuclear weapons of your own.

Yet, these powers didn’t opt for this strategy. Instead, they developed a powerful cyberweapon, a malicious computer worm, to infect Iran’s systems.

This worm was called Stuxnet, and it was used to disrupt uranium enrichment centrifuges in Natanz. The goal was to slow Iran’s progress until another, more robust solution could be found.

For several years, the NSA conducted research and built a malicious program designed to cause huge problems for Iran’s nuclear ambitions.

The person in charge of this operation was Keith Alexander, the first director of the NSA with a computer science background and a taste for tricky operations.

Finally, the fruits of their labor were placed on George Bush’s desk in 2008, centered around a piece of malware costing $2 billion.

The malware exploited four then-unknown vulnerabilities in the Windows code. One vulnerability was so rare that it could cost millions of dollars on the underground market.

The development and deployment of this malicious software, code-named Operation Olympic Games, was the cyber equivalent of the Moon landing project.

It was supposedly spearheaded by the NSA but involved various specialists from the army, almost every other US security agency, and Israel’s secretive Unit 8200.

The plan was for Stuxnet to infiltrate Natanz, remain hidden, and destroy the centrifuges by spinning them out of control.

This would last several months, and the rate of critical failure would slightly increase, not enough to raise suspicion, but enough to throw a serious wrench into Iran’s nuclear effort.

But the allies encountered a problem: Natanz was completely cut off from the internet.

So, they had to devise a plan to physically get the malware inside of Natanz and install it onto the Iranian computer system.

But how, and most importantly, who?

Erik Von Saben, a Dutch spy, enabled the entire operation and delivered the malware to Natanz.

The end of Erik Von Saben

Erik was an agent from AIVD, the Dutch General Intelligence and Security Service, the Netherlands’ equivalent of the CIA. As a close friend of the US, AIVD agreed to sabotage Iran’s plans.

Erik was a perfect fit for the job, as he had an Iranian wife and regularly smuggled items into Iran.

So, in 2008, Erik received a special mission to visit his wife and her family in Iran for ten days to celebrate the New Year.

But some theorize that this was just a cover story, as Erik was smuggling water pumps, which were sophisticated equipment sanctioned by the United Nations and nearly impossible to acquire for Iran.

These pumps were installed in Iran’s nuclear facility Natanz, but there was a catch.

One of those pumps contained a copy of the malicious worm Stuxnet, the software that the NSA had been developing for several years.

Supposedly, the US didn’t notify the AIVD of the operation and allegedly used Erik to gain access to Natanz. This later caused political tensions between America and the Netherlands.

While in Iran, something changed. Something scared Erik so much that he fled the country.

Perhaps he knew of these plans, or he suspected that something was afoot.

After this event, Erik was riding his motorcycle through Sharjah, near Dubai, when suddenly, he lost control, and in a matter of seconds, his neck was broken, and the Dutch secret agent was dead.

Those close to Erik believed that this accident was indeed just an accident, but one employee at AIVD disagreed.

“He paid a high price,” the employee proclaimed.

From that point on, no one truly knew how Stuxnet made its way into Natanz until a decade later.

The first true cyberweapon

Almost 10 years passed, with many theories circulating about how the malware entered Iran’s top-secret nuclear facility.

Some theorized that the workers at the facility smuggled it in on a USB (willingly or not).

But in 2019, Dutch journalists conducted an investigation into the incident and found evidence of Erik’s involvement and that intelligence services had orchestrated the operation.

Cut to 2024, and only now has the truth been partially revealed.

Various officials from the Netherlands, Israel, and the United States confirmed Erik's role on that fateful day when he delivered those water pumps to Natanz.

Erik supposedly delivered one of three versions of the malware; three different versions of Stuxnet were supposedly sent to Natanz, each more devastating than the last.

Some may have been delivered through USBs, and others may have been delivered in different ways. The truth is yet to be uncovered.

However, the existence of Stuxnet was discovered in 2010 when the third version of the malware spread worldwide.

As researchers combed through the code, they eventually discovered what Stuxnet did, and by that time, Iran had developed a way to mitigate the effects of the malware, which allowed them to continue developing nuclear weapons.

The work at Natanz resumed as planned.

Despite this failure, Stuxnet destroyed approximately 1,000 centrifuges and held up the nuclear program for about a year or two.

However, Stuxnet's impact was far-reaching. Many regard this malware as the first true cyber weapon – the first weapon that caused real physical destruction.

This operation is said to have sparked the age of cyber warfare, an era marked by the work of Erik Von Saben.