During a casual afternoon during a lockdown and a pandemic, all types of ideas can get into your head. And one virus popped out in my mind recently that is extremely similar to the latest Coronavirus outbreak – the Stuxnet worm.
Coronavirus and STUXNET: How Can STUXNET be Compared to SARS-nCoV (Coronavirus)?
Stuxnet is a malicious software, also known as Worm that was first detected way back in 2010, but when detected, experts have managed to reveal that the worm has been in development ever since 2005 and maybe even earlier than that time. An when it comes to the latest SARS virus, causing the COVID-19 illness, everyone referring it as the “Coronavirus”, there are a lot of even disturbing similarities that can jump In your head. This is why, I decided to let it all out and explain more about why computer viruses should not be underestimated and why the measures taken in terms of cyber-security and protection should be as strict as China’s measures in their battle against this virus. So, lets not waste any further time and get right down to the interesting part – the similarities!
Related: Hospitals Hit by Ransomware During Coronavirus Pandemic
#1: The World Impact
Both the viruses, Coronavirus and STUXNET have one and most important thing in common is the global impact they had in the world. And while with STUXNET, there were no known or declassified victims after the malware was detected, it almost started World War III. And when it comes to the Coronavirus, one very important thing is that it locked down the whole world in a matter of weeks time. Not only this, but also bear in mind that STUXNET and Coronavirus were both quickly spread onto a global scale. The only difference here is that the Coronavirus attacks people singlehandedly, while STUXNET attacks places that can wipe out the Earth at a click of a button. So which one is more dangerous, then? The answer is both, since they are equally nasty and hazardous.
#2: The Capabilities
In June, 2010, a computer virus (Stuxnet) was discovered lurking in the databases of Power Plants, Traffic Control Systems and all kinds of factories around the world. STUXNET is 20 times more complex than any virus that has been released up until this point. The virus was so complex, that its capabilites included turning up the pressure inside a nuclear reactors or switching off entire oil pipelines while telling the system operators everything with their facility is normal. When you compare that to the Coronavirus, it also has a devastating capability to spread and shut down entire organs of your body, which is the actual reason why people die – organ failure. So both viruses are extremely capable in causing massive damage, that is for sure.
#3: The Exploit
STUXNET is a computer worm that spreads via the same orthodox methods as the Coronavirus in its logical sequence – it uses kind of like an “exploit”. Most malware infects a computer system via fake security certificates, that grant it clearance over the computer system. STUXNET, however was different. The virus actually uses a REAL security certificate, many believed was stolen from one of the biggest security tech companies – Realtek. STUXNET exploited security holes, that we all know as Zero Days – a hole that nobody was unaware of for years time. These can be sold in the dark net and the prices for a working zero-day can be sold in the underground for prices ranging from $100,000 all the way up to millions of dollars, depending on what exactly you want to penetrate. And when it comes to STUXNET, the virus used around 20 of exactly those Zero-Days, so you can pretty much gain a faint imagination of the sheer complexity of this threat.
In comparison to that, health inspectors and resarchers leading the battle against the SARS-nCoV also claim that this virus is different than other coronaviruses out there. Specifically the group of Coronaviruses can be divided into 4 main categories:
- Alphacoronavirus
- Betacoronavirus
- Gammacoronavirus
- Deltacoronavirus
From these 4 categories, the SARS, MERS and the COVID-19 can be the most lethal forms and the difference betweeen COVID-10 and them is that the virus enters your body by air so all you have to do is to breathe the same air as someone infected close to you. And the “exploit” here is that the virus can be in your body for up to 14 days time without ANY symptoms. These 14 days are the incubation period and during this time you do not know that you are infected until your organism detects the virus after this time passes. During this time, you can infect a lot of people without even knowing it, kind of like a botnet worm, which is STUXNET does.
Related: Coronavirus App Developed by Iranian Government Spying on Users
#4: The Symptoms
When it comes to the Coronavirus, the symptoms, as I mentioned are next to none, until the organism detects those symptoms. At the time of writing this, French experts are trying to devise a vaccine for the virus that makes your body detect the virus as soon as it gets into the system. This helps the organism detect it and eliminate it, just like an antivurs software eliminates STUXNET. But STUXNET is also as complicated and as symptomless. In fact when stuxnet infects a given system controll device, the virus is not activated. The main difference here, is that the virus was specifically targeted to shut down the centrofuges that spin Iran’s enrichment facilities for their nuclear program. So you can consider STUXNET to be a weapon, made of code, whereas the Coronavirus is a form of a weapon against the human body, looking to shut down organs.
#5: The Sophistication
The STUXNET virus was so sophisticated that it took researchers more than a year to reverse-engineer it. As Mikko Hypponen said in an interview, there are viruses that take hours to reverse engineer and STUXNET took months of time to even begin to understand how it spreads from computer to computer. With Coronavirus, the complication was not so much lying in the discovery of how it infects and on which surfaces, the virus remains, although this still cannot be said with certainty. The main complications for researchers and virus experts is to devise a vaccine, because of one thing – the clinical testing. And while Stuxnet was shut down just in time, the Coronavirus cannot be stopped with a simple patch, but a vaccine, that makes it way more complicated. But the protection measures are the same for both viruses – people need to implement certain actions to prevent the virus from infecting their computers. And with Coronavirus, people need to take measures as well. So just like an antivirus and IPS (intrusion prevention system), people need to learn how to prevent the same intrusion but from an enemy that is without symptoms.
The Conclusion
STUXNET is a virus, whose sheer scale and complication was never seen before in our times. It was the beggining of e new era – series of other attacks later on, like massive Zombie botnet worms, cyber-espionage worms and many other types of malware. There as even the WannaCry outbreak, which we can also relate to the Coronavirus Outbreak in one way or another, since it did target both organizations and people’s home computers alike. The difference with Coronavirus is that there is no ransom to be paid to get your health back up and this is what makes it so deadly and dangerous. And with viruses, like WannaCry and STUXNET, experts were able to make a patch almost immediately. But when it comes to a pandemic threat that has spread in a matter of weeks time on a global scale, people need to really think about how they will react to protecting themselves against it, until a vaccine (patch) is out there to help stop this virus. We have been facing many viruses, just like this one and now, if we catch a virus, like Influenza, our organisms are prepared to cope with it and eliminate the virus, like a common cold, because there is let’s say “patch” for it. The same will likely happen here, with time being of essence. And people need to learn from the past threats in order to prevent such viruses in the future – both like STUXNET and the COVID-19.
Ventsislav Krastev
Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.
Follow Me: