Invisible weapon

In four steps, Stuxnet infiltrated a nuclear factory undetected, then hunted down and destroyed its target. But how?


Stuxnet gets onto the network

Getty Images


Security experts believe Stuxnet was transferred into the Natanz plant on a memory device.

According to cyber-security firm Symantec, Stuxnet probably arrived at Iran’s nuclear plan Natanz on an infected USB stick.

Someone would have had to physically insert the USB into a computer attached to the network – this could have been done deliberately or accidentally. The worm then uploaded itself into the plant’s computer system.

Immediately after

Worm spreads through computers

Getty Images


Stuxnet was designed to quickly spread through the plant’s network. It was looking for computers that control centrifuges.

Once inside the computer system, Stuxnet searched for software that controls machines called centrifuges.

Centrifuges spin materials at high speeds to separate out their components. In the Natanz plant, the centrifuges were separating different types of uranium, to isolate the type (called ‘enriched uranium’) that is critical for both nuclear power and nuclear weapons.

Soon after

Stuxnet re-programmes centrifuges

Getty Images


Hundreds of centrifuges were hijacked and instructed to spin out of control.

The worm found the controlling software and inserted itself into it, seizing control of the centrifuges.

Stuxnet carried out two separate attacks. First, it made the centrifuges spin dangerously fast, for about 15 minutes, before returning to normal speed. Then, about a month later, it slowed the centrifuges down for around 50 minutes. This was repeated for several months.

Several months later

1,000 machines are destroyed

Getty Images


Around 1,000 fuel enrichment centrifuges at Natanz had to be replaced.

Over time, the strain from the excessive speeds caused infected machines to disintegrate.

It is reported that Iran decommissioned around 20 per cent of its centrifuges in the Natanz plant during the attack.