Monday, January 17, 2011

This past weekend's New York Times story on the Stuxnet computer worm contained a wonderful, fiendishly clever little detail:
"The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart."
Now, I don't happen to believe for a minute that the program did any such thing. First of all, it'd be very difficult to do so--you'd have to alter all the changing details of operation, such as timestamps and run durations, while keeping all the consistent details the same. Anyone who understood the data generated by the monitoring systems that well would almost certainly be able to have the software simply create bogus-but-plausible readings out of whole cloth, rather than record and replay samples of previous problem-free runs. (And how would the software know those previous runs were actually problem-free, anyway? A log that contained data showing the same rare anomaly over and over would look mighty suspicious...)
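
The objection above, that replayed readings would repeat themselves in a way a careful reviewer could spot, is easy to turn into a monitoring check. The following is an added example written for this post, not code from the article or from any real plant system; the telemetry format (timestamp plus a tuple of sensor values) and the sample readings are constructed for illustration.

```python
"""Flag stretches of sensor telemetry that recur verbatim.

Genuine physical readings carry measurement noise, so an exact repeat of
several consecutive samples is far more likely to be a replayed recording
than a coincidence. Timestamps are ignored on purpose: a replayer rewrites
those, but the recorded values themselves are what it cannot easily vary.
"""

# Constructed telemetry: (timestamp, (rpm, vibration_mm_s)).
# Samples 6..11 are a verbatim copy of samples 0..5 under fresh timestamps,
# including the one-off spike at sample 3, which therefore shows up twice.
CONSTRUCTED_TELEMETRY = [
    (0, (1004.2, 0.31)),
    (1, (1003.9, 0.33)),
    (2, (1004.6, 0.30)),
    (3, (1005.1, 0.35)),   # rare anomaly
    (4, (1004.0, 0.32)),
    (5, (1003.7, 0.31)),
    (6, (1004.2, 0.31)),   # replay of sample 0 begins here
    (7, (1003.9, 0.33)),
    (8, (1004.6, 0.30)),
    (9, (1005.1, 0.35)),   # the "rare" anomaly again
    (10, (1004.0, 0.32)),
    (11, (1003.7, 0.31)),
    (12, (1004.4, 0.29)),  # fresh data resumes
]


def find_replay_runs(readings, window=3):
    """Return [(original_start, replay_start, length)] for every run of
    `length` consecutive samples whose values exactly repeat an earlier run.
    `window` is the minimum number of matching samples needed to report."""
    first_seen = {}   # value-window -> index where it first occurred
    runs = []         # merged, non-overlapping replay runs
    for i in range(len(readings) - window + 1):
        key = tuple(values for _, values in readings[i:i + window])
        if key not in first_seen:
            first_seen[key] = i
            continue
        orig = first_seen[key]
        # Extend the previous run if this hit continues it by one sample.
        if runs and runs[-1][0] + runs[-1][2] - window + 1 == orig \
                and runs[-1][1] + runs[-1][2] - window + 1 == i:
            runs[-1][2] += 1
        else:
            runs.append([orig, i, window])
    return [tuple(r) for r in runs]


if __name__ == "__main__":
    for orig, replay, length in find_replay_runs(CONSTRUCTED_TELEMETRY):
        print(f"samples {replay}..{replay + length - 1} repeat "
              f"samples {orig}..{orig + length - 1} verbatim")
```

The check is deliberately narrow: it catches recorded-and-replayed data, which is the scenario the article describes, and says nothing about readings fabricated from scratch, the route the paragraph above argues a capable attacker would take instead.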

On the other hand, suppose you're an intelligence official working on the Stuxnet project. You know that the worm has succeeded in disabling some fraction--but not all, and probably not even most--of the Iranian regime's nuclear fuel-generating centrifuges, and is now being thoroughly purged from all its facilities. How do you maximize the cost and difficulty of the Iranians' task, given that your whole cyber-sabotage operation has pretty much played itself out?

Why, you drop a little hint to the New York Times, to the effect that all the Iranian systems that appear to have been untouched by Stuxnet may simply have been faking it, presenting perfectly fine data while actually being infected and destroying themselves. That way, the Iranians--if they're naive enough to believe the New York Times--will have to minutely examine every single machine in their facility, to check for physical signs of damage, rather than simply scrubbing the facilities that appear to have gone awry. Fiendishly clever, indeed!