The world’s first cyberweapon successfully knocked out roughly one-fifth of Iran’s nuclear centrifuges, but it brought with it an unintended consequence: The rise of an Iranian hacker army.
That’s one of the many takeaways to come from a new film premiering on Friday called “Zero Days,” which examines the history behind the Stuxnet worm — a joint US-Israeli computer virus that led to real world physical destruction.
Stuxnet was rather brilliant in its execution: After Iran’s Natanz nuclear enrichment facility was infected, it recorded the normal processes for 13 days, then it sped up or slowed down centrifuges until they destroyed themselves. But the plant’s operators would see that everything was working normally on their computer screens, and their emergency shutoff switches would do nothing.
Iran initially thoughts its scientists were incompetent, never suspecting a virus. But eventually it became wise to the US-Israeli operation known as Olympic Games, hardening its own computer networks and building its own offensive hacker division to take on the outside world.
“If you were a youth and you see assassination of your nuclear scientists. Your nuclear facilities are getting attacked. Wouldn’t you join your national cyber army?” Emad Kiyaei, executive director of the American Iranian Council, asks in the film.
“Well many did, and that’s why today Iran has one of the largest cyber armies in the world.”
Indeed, Iran has built up a cyber army backed by the highest levels of its government with nearly $20 million in funding to its Revolutionary Guard Corps. In just a few years, it has built the fourth largest cyber army in the world, just behind Russia, China, and the United States.
“They have grown up very fast and very significant over the past few years,” David Kennedy, the CEO of cybersecurity firm TrustedSec, told Tech Insider. “They realise they can’t have any type of superiority around air, or anything like that, especially when it comes to the United States. So they’re investing a lot of it into the cyber piece.”
And it has gone on the offensive, quickly realising the lopsided nature of cyberwarfare.
Iranian hackers launched massive cyber attacks against the US financial sector for more than 176 days between late 2011 and mid-2013, which crippled servers and cost banks “tens of millions of dollars” to fight back the threat, according to Justice Department. They also broke into the control system of a dam in upstate New York, though they did not cause physical damage.
But Iran’s biggest hack came in August 2012, when it broke into Saudi Arabia’s state-owned oil company, Saudi Aramco, and wiped or totally destroyed 35,000 computers. After an emailed phishing link was clicked on by one of the company’s information technology staff, within a matter of hours, the hackers had turned back the clock and pushed one of the world’s biggest oil companies back to using typewriters and handwritten contracts.
The attack was mentioned in a leaked Snowden document as being observed by the National Security Agency: “Iran … has demonstrated a clear ability to learn from the capabilities and actions of others,” the document said.
It also pointed out that Iran’s nearly six-month-long cyberattack on US banks was in retaliation for Stuxnet.
Though Iran has grown up quickly in the cyber realm, the US is still far ahead in its capabilities.
That fact is highlighted in “Zero Days,” which reveals a previously-undisclosed operation called Nitro Zeus, a top-secret cyberattack plan that, thought it was never launched, could have taken out air defences, communications channels, financial sectors, and the power grid in Iran — all without a single bomb dropped.
“It seems pretty reasonable to think that there are things out there today that we haven’t seen that are much more advanced [than Stuxnet],” Liam O’Murchu, a director at Symantec, told Tech Insider.