After the significant discoveries of the last days, let’s end the year with an up-to-date bottom line.
1. It is beyond reasonable doubt that Stuxnet was developed to delay the Iranian uranium enrichment program by physically damaging centrifuges.
2. The attack was not designed for one simultaneous big bang. It was designed to proceed slowly and incrementally. We expect that right now, many more centrifuges than the 984 mentioned in the ISIS report have been damaged by Stuxnet. (The next IAEA inspection, scheduled to take place in about two months, will give clarity.)
3. A full analysis of the attack is possible without even getting near the control system cabinets in Natanz. All that is needed is a good understanding of how an IR-1 cascade is organized and operated, along with some basic information on the instrumentation.
4. The forces behind such a high-profile attack can be traced easily. Stuxnet required an extreme amount of intelligence about the Natanz plant layout, a full understanding of the IR-1 operation (presumably with a mockup test system available), and an extreme amount of insider knowledge of the Siemens products involved. This limits the search for the originators to very few organizations in the world.
5. Stuxnet’s attack code, available on the Internet, provides an excellent blueprint and jump-start for developing a new generation of cyber warfare weapons. It must be assumed that nation states with any intent to build up cyber warfare capability, such as China and Russia, are already in the process of analyzing the code down to the last bit, and are developing concepts and tools for similar attacks. The targets for these future weapons will most likely not be located in the Middle East.
Best wishes for 2011 from the Langner team