Moving forward to 2010, we have a virus that was thought to be in development since 2005. With a virus that’s been in development for this long you’d think this virus caused some serious damage right? Well you would be.

While this malware worm didn’t target typical users, Stuxnet did target SCADA systems. SCADA (Supervisory Control and Data Acquisition) is a high-level supervisory operating system. It was also the system that an Iranian nuclear program used. A program that people believe Stuxnet is responsible for sabotaging.

Looking further at this malware though, Stuxnet actually targets programmable logic controllers or PLCs. These are systems behind automation and controlling specific machines. Because of this Stuxnet was a worm that only affected a handful of specific computers. Unlike other malware I’ve talked about, this heavily targeted Iranian computers (with a study showing Iran got the brunt of the attack with 58.85% of reports stemming from them. Indonesia was second with 18.22% of reports.) that had specific criteria.

Many people look at this and say this was clearly a focused attack since it had designated targets and even behaved in a conservative manner. The worm in question often went undetected and had measures to prevent the worm from spreading en mass. It had a cap os spreading to up to three other systems. It even would erase itself by the 24th of June 2012.

While this virus didn’t impact many people it created a lot of political tension. People from both Israel and United States made subtle nods to this worm suggesting they were indeed behind it. These acts were then countered by various attacks from other countries. In fact the damage Stuxnet caused sparked foreign countries attacking US banks.

At the same time though, Stuxnet is a clear example that countries or individuals these days are fully capable of creating cyber weapons. Likely not in their basement all by themselves obviously, but a group could easily pull it together. I don’t know about you but that’s frightening.