
James Bond and the Quantum Worm

Only a select few have had a look at the script of the next James Bond feature film.

It seems like Quantum, the secret criminal organization that in previous installments was busy short-selling the stock market by staging terrorist attacks and taking over water supplies to control the economy of South America, has a new target in its crosshairs: the world’s critical infrastructure.

Developing a super-stealthy cyber weapon and then unleashing it in the form of infected USB devices dropped in a packed smart grid industry conference, Quantum is able to infiltrate thousands of computers directly controlling power plants, gas pipes and nuclear facilities.

The opening scene shows Quantum minions crowded in an underwater command center, watching two big plasma screens. The first screen is split into multiple frames: a huge dam, a nuclear plant in a snowy valley, the air control tower of a busy airport, and various other locations.

The second screen seems to be the focus of attention. It features a control room overlooking a gargantuan tube surrounded by magnetic generators, wired with an infinite number of scientific instruments. One of the PCs in the control room is manned by a sleepy shift manager. Its monitor has a screen saver that reads “Large Hadron Collider – Atlas Station – Emergency Controls”.

“Commence operation Big Bang”, says a dark uniformed man, his face in the shadows.

A Quantum technician presses some keys. Suddenly the monitor in the control room springs to life, and a series of complex commands appears on the screen. A low hum begins, waking the shift manager, who barks some instructions into his mike.

The buzz increases, turning into a full shriek, and various control screens show energy levels increasing all the way to the red danger zone. Frantic activity is now seen: people in white coveralls run in and out of the control room, but they seem at a loss.

Until a guy in a black suit enters the screen. He pulls out a sleek, silvery USB device and plugs it into the PC, then sits and feverishly types commands into the keyboard. The noise level is crazy, red klaxon lights and ‘Evacuate! Evacuate!’ warnings on the PA adding to the general vibrating whine of the equipment.

‘Who is this guy?’ demands the uniformed Quantum man, but no one cares to answer.

Within a minute, the buzz starts to subside. James Bond stands up, and aims his Walther PPK handgun at the bundle of plugs connecting the computer he worked on to the grid. He unceremoniously releases three rapid shots.

***

OK, so this isn’t really the next James Bond script, but for all intents and purposes, it could be. The Stuxnet worm, which researchers agree is the most sophisticated cyber attack the public has ever witnessed, is pure James Bond material. For the first time a digital Trojan is affecting the real world.

Stuxnet is the first of its kind. The mysterious creators of Stuxnet – and right now we can only speculate who they are – invested time and resources in building a Trojan that can penetrate deep into top secret critical infrastructures, spy on sensitive data, and execute commands capable of manipulating or even destroying physical components that regulate the critical process.

If they find a way to extract the data, the operators of Stuxnet could also spy on some of the world’s most sensitive environments.

While the theoretical possibilities always existed, the fact that such a worm came into being, infiltrated its targets and ran undetected for many months is extraordinary.

Is Stuxnet a cyber weapon developed by a nation state against a specific target? There’s lots of evidence to suggest so, but also lots of contradicting clues.

But perhaps this isn’t that important. As Sam Curry says in his Speaking of Security blog posts here and here, “the malware that used to threaten your PC can now go after your assembly line, and a new audience has to engineer and streamline operations to take this into account in their architectures, planning, implementations and operations”.

And this raises a question. If legacy critical infrastructure control systems, such as the ones attacked by Stuxnet, are vulnerable to sophisticated attackers, how exposed will the more distributed Smart Grid be?

 


Uri Rivner

Chief Cyber Officer

BioCatch
