Operation Olympic Games
Back to Recollections
Expert
2010

Operation Olympic Games

Target: Natanz Nuclear Facility
Impact: Physical Destruction of Infrastructure

Operational Briefing

Relive the most sophisticated cyber-weapon in history. Infiltrate an air-gapped industrial network, manipulate SCADA systems, and sabotage uranium enrichment centrifuges while maintaining complete stealth.

The Full Story

Stuxnet is widely considered the first true cyber-weapon. Discovered in 2010, it was designed to hunt down and destroy specific industrial components—specifically, nuclear centrifuges used by Iran.

It spread indiscriminately but was harmless to 99% of computers. It only activated when it detected a specific configuration of Siemens SCADA systems found in the Natanz nuclear facility. Once inside, it commanded the centrifuges to spin out of control while simultaneously replaying normal sensor data to the monitoring stations, making everything appear normal until the equipment physically tore itself apart.

Technical Analysis

Key Mechanics

  • Zero-Day Exploits: Utilized four separate zero-day vulnerabilities in Windows (including the LNK bug for USB propagation and Print Spooler for network spread).
  • PLC Injection: The payload specifically targeted Siemens S7-300 and S7-417 Programmable Logic Controllers (PLCs).
  • Rootkit: A user-mode rootkit hid the modified PLC code blocks from the operators.
  • Man-in-the-Middle: Intercepted read/write requests to the PLC to spoof sensor data.

Available Modes

Offensive
Replicate the attack vector
Defensive
Harden systems & patch
Analysis
Forensic investigation

Event Timeline

2005-2009
Development and testing of the worm.
June 2009
Stuxnet 1.0 released in the wild (likely via USB).
March 2010
Stuxnet 1.107 spreads rapidly beyond target.
June 2010
VirusBlokAda discovers the malware.
Late 2010
Iran confirms damage to centrifuges.
#SCADA#Zero-Day#Air-Gapped