Operation Olympic Games
Operational Briefing
Relive the most sophisticated cyber-weapon in history. Infiltrate an air-gapped industrial network, manipulate SCADA systems, and sabotage uranium enrichment centrifuges while maintaining complete stealth.
The Full Story
Stuxnet is widely considered the first true cyber-weapon. Discovered in 2010, it was designed to hunt down and destroy specific industrial components—specifically, nuclear centrifuges used by Iran.
It spread indiscriminately but was harmless to 99% of computers. It only activated when it detected a specific configuration of Siemens SCADA systems found in the Natanz nuclear facility. Once inside, it commanded the centrifuges to spin out of control while simultaneously replaying normal sensor data to the monitoring stations, making everything appear normal until the equipment physically tore itself apart.
Technical Analysis
Key Mechanics
- Zero-Day Exploits: Utilized four separate zero-day vulnerabilities in Windows (including the LNK bug for USB propagation and Print Spooler for network spread).
- PLC Injection: The payload specifically targeted Siemens S7-300 and S7-417 Programmable Logic Controllers (PLCs).
- Rootkit: A user-mode rootkit hid the modified PLC code blocks from the operators.
- Man-in-the-Middle: Intercepted read/write requests to the PLC to spoof sensor data.