Last year word broke of a computer virus that had managed to slip into Iran’s highly secure nuclear enrichment facilities. Most viruses multiply without prejudice, but the Stuxnet virus had a specific target in its sights—one that is not connected to the Internet. Stuxnet was planted on a USB stick that was handed to an unsuspecting technician, who plugged it into a computer at a secure facility. Once inside, the virus spread silently for months, searching for a computer that was connected to a prosaic piece of machinery: a programmable logic controller, a special-purpose collection of microelectronics that commonly controls the cogs of industry—valves, gears, motors and switches. When Stuxnet identified its prey, it slipped in, unnoticed, and seized control.
The targeted controllers were attached to the centrifuges at the heart of Iran’s nuclear ambitions. Thousands of these centrifuges are needed to process uranium ore into the highly enriched uranium needed to create a nuclear weapon. Under normal operating conditions, the centrifuges spin so fast that their outer edges travel just below the speed of sound. Stuxnet bumped this speed up to nearly 1,000 miles per hour, past the point where the rotor would likely fly apart, according to a December report by the Institute for Science and International Security. At the same time, Stuxnet sent false signals to control systems indicating that everything was normal. Although the total extent of the damage to Iran’s nuclear program remains unclear, the report notes that Iran had to replace about 1,000 centrifuges at its Natanz enrichment facility in late 2009 or early 2010.