Cyberattack: Stuxnet’s revelation
and Shodan’s window into vulnerability

A team of hackers apparently designed and deployed Stuxnet, an extraordinarily sophisticated software "worm" with malicious code that exploited four zero days, the name given to previously unknown vulnerabilities.

The worm rapidly spread across the Internet, but most of the computers and systems infected were in Iran.

At the Iranian nuclear processing facility in Natanz, the worm was probably introduced into the computer network through an infected thumb drive, specialists say.

Stuxnet took command of a Siemens S7, an industrial control system.

Eventually, the affected S7 sent misleading data to monitors while directing uranium-enriching centrifuges to spin at speeds well beyond their tolerances. Hundreds apparently were damaged.

The Siemens S7 is a small box designed to control a wide variety of industrial machines and devices. Hackers have identified several vulnerabilities in its system.

Internet-connected devices, including the S7 and other control systems, were once largely invisible. However, a search engine, Shodan, has now made it possible to locate devices that are even loosely connected to the Internet. Shodan has found and mapped almost 100 million devices in the past three years.

Hackers have successfully entered, and sometimes manipulated, water- and sewer-treatment plants, particle accelerators and other systems.

Government and industry officials are scrambling to improve security of industrial control systems by creating layers of defense: stronger password protections and physical separations that cannot be breached by wireless connections.