The Target
In 2010, the world learned of a new kind of weapon. One that didn't explode, but silently infiltrated and destroyed its target from the inside. Its name was Stuxnet, and its target was the Natanz nuclear facility in Iran.
"This was the first time a cyberweapon was used to cause physical, kinetic damage. It crossed a Rubicon. The world of warfare was never the same." – Dr. Evelyn Reed, Cybersecurity Analyst
The Attack Vector
The Natanz facility was "air-gapped" - completely disconnected from the internet. The attackers needed a physical way in. They targeted external contractors, infecting their systems. When a contractor plugged a USB drive into the Natanz network, the worm jumped the gap.
// Simplified representation of Stuxnet's autorun.inf [autorun] open=wscript.exe .\res\payload.vbs shell\open\command=wscript.exe .\res\payload.vbs ; When the USB is inserted, this script executes silently.
The Payload
Once inside, Stuxnet spread with unprecedented sophistication, using four different "zero-day" exploits—vulnerabilities unknown to software vendors. Its ultimate goal was to find the Siemens Step7 controllers that managed the uranium enrichment centrifuges.
The worm would subtly alter the centrifuges' rotational speed, causing them to spin too fast or too slow, leading to catastrophic failure. Critically, it replayed normal operating data to the control room, so for months, no one knew anything was wrong.
Interactive Evidence Board
Explore key pieces of evidence from the investigation.
Attack Path
Malware Signature
Key Players
How It Was Stopped
The worm was eventually discovered by Sergey Ulasen, a researcher at a small Belarusian security firm, VirusBlokAda. He was called to investigate computers in Iran that were crashing and rebooting. He found a driver file with a valid digital signature from Realtek, a legitimate hardware company. This was highly unusual and a major red flag.
This discovery kicked off a global investigation by security firms like Symantec and Kaspersky Lab. By reverse-engineering the massive, complex code, they slowly pieced together its purpose, its targets, and its unprecedented nature. The world had been put on notice.