The Mother Virus Has Arrived: Is Blackenergy malware the future of cyberwarfare? - by Aaron Ernst

Five years ago, the most sophisticated cyber weapon the world had ever seen ravaged Iran's nuclear program. Allegedly developed by the U.S. and Israel, the complex virus infected the computer system that ran the centrifuges.

 Slight tweaks to the software caused hundreds of the centrifuges to self-destruct, setting the program back years. The malware was dubbed Stuxnet.

Traditionally, foreign governments have used malware to spy and steal. But this was something entirely different.

“Stuxnet, it is a weapon, it’s not 'like' a weapon,” says German computer security expert Ralph Langner, who was the first to identify how the virus worked. “It is a weapon because it was designed to cause physical damage.”

Now, Langner worries that Stuxnet could come back to haunt the U.S. Those same vulnerabilities in Iran's nuclear control systems that the malware exploited can be found in similar systems throughout America.

“These components are used in chemical plants, nuclear power plants, everywhere," Langner said. “We open Pandora's box without any idea, any clue, how we would deal with that when somebody turns that around.

And that turnaround is only a question of time.”

But there are signs the threat that Langner has feared may have already arrived.

Malicious code could theoretically be used to manipulate the controls of pipelines, water purification systems, power generators and other critical infrastructure, resulting in real-world physical damage. That could mean blackouts or disruptions to an entire city's water supply. In short, it could be catastrophic.

Read more: Is Blackenergy malware the future of cyberwarfare? | Al Jazeera America