Nicole Perlroth

Dale has a cryptographer's calm, careful way about him. He's not easily spooked. But when he rang me in late 2012, he sounded noticeably shaken.

Dale has a cryptographer's calm, careful way about him. He's not easily spooked. But when he rang me in late 2012, he sounded noticeably shaken.

Key to what Dale just said are two words, remote connections. Telvent software didn't just monitor critical infrastructure. It had direct remote access. And now that access belonged to Beijing, too. As Dale spoke, I googled Telvent, and there, in big bright letters on its website, was the following stat. Telvent software connected into more than half of the pipelines in North America.

Key to what Dale just said are two words, remote connections. Telvent software didn't just monitor critical infrastructure. It had direct remote access. And now that access belonged to Beijing, too. As Dale spoke, I googled Telvent, and there, in big bright letters on its website, was the following stat. Telvent software connected into more than half of the pipelines in North America.

Now, it's critical to place ourselves here. This was 2012. Russia wouldn't hack Ukraine's grid for another three years. At that point, it was still hard to fathom why China's hackers would even want direct access to our water and gas pipelines. We had yet to see any serious cyber attack on critical infrastructure anywhere in the world, with one notable exception.

Now, it's critical to place ourselves here. This was 2012. Russia wouldn't hack Ukraine's grid for another three years. At that point, it was still hard to fathom why China's hackers would even want direct access to our water and gas pipelines. We had yet to see any serious cyber attack on critical infrastructure anywhere in the world, with one notable exception.

To this day, Stuxnet remains the most sophisticated cyber attack on record. For the uninitiated, Stuxnet was a joint U.S.-Israeli effort to sabotage Iran's nuclear program with code. and it worked spectacularly for a time. It was a computer worm that someone, we still don't know who exactly, injected into the computers at Ron's Natanz nuclear plant with a thumb drive.

To this day, Stuxnet remains the most sophisticated cyber attack on record. For the uninitiated, Stuxnet was a joint U.S.-Israeli effort to sabotage Iran's nuclear program with code. and it worked spectacularly for a time. It was a computer worm that someone, we still don't know who exactly, injected into the computers at Ron's Natanz nuclear plant with a thumb drive.

And what that thumb drive unleashed was a string of zero days that enabled the worm to jump the air gap from engineers' computers on the IT side into the actual operations network, where the worm buried itself inside Natan's nuclear enrichment operations, and specifically the computers that control Iran's uranium centrifuges.

And what that thumb drive unleashed was a string of zero days that enabled the worm to jump the air gap from engineers' computers on the IT side into the actual operations network, where the worm buried itself inside Natan's nuclear enrichment operations, and specifically the computers that control Iran's uranium centrifuges.

Those centrifuges, they form the beating heart of Iran's nuclear aspirations. Because to get weapons-grade uranium, you need to enrich uranium to a very high concentration of the isotope. And that, that requires spinning thousands of centrifuges at unthinkable speeds. We're talking more than 100,000 revolutions a minute.

Those centrifuges, they form the beating heart of Iran's nuclear aspirations. Because to get weapons-grade uranium, you need to enrich uranium to a very high concentration of the isotope. And that, that requires spinning thousands of centrifuges at unthinkable speeds. We're talking more than 100,000 revolutions a minute.

But the rotors that spin these centrifuges, they're incredibly fragile and can be quite fickle. They break all the time, and they're controlled by these specialized computers that monitor and dictate their speed. And in 2009, those very computers were now controlled by code, working at the command of two of the world's most advanced intelligence agencies.

But the rotors that spin these centrifuges, they're incredibly fragile and can be quite fickle. They break all the time, and they're controlled by these specialized computers that monitor and dictate their speed. And in 2009, those very computers were now controlled by code, working at the command of two of the world's most advanced intelligence agencies.

Stuxnet got to work spinning centrifuge rotors up. Then it would sit back for a few weeks and do nothing. Then it would slow the rotors way down. Sleep, speed up. Sleep, slow down. Sleep, repeat. And all the while, there was this Ocean's Eleven quality to the whole operation. If any of Natan's engineers happened to be watching their computer screens, everything appeared to be spinning just fine.

Stuxnet got to work spinning centrifuge rotors up. Then it would sit back for a few weeks and do nothing. Then it would slow the rotors way down. Sleep, speed up. Sleep, slow down. Sleep, repeat. And all the while, there was this Ocean's Eleven quality to the whole operation. If any of Natan's engineers happened to be watching their computer screens, everything appeared to be spinning just fine.

When right under their noses, Stuxnet was actively destroying a fifth of Iran's uranium supply and pushing Tehran's nuclear ambitions back years, all carefully choreographed to look like a natural accident. Inside Natan's, technicians couldn't make sense of it. The centrifuges were breaking down, but careful inspection turned up nothing unusual.

When right under their noses, Stuxnet was actively destroying a fifth of Iran's uranium supply and pushing Tehran's nuclear ambitions back years, all carefully choreographed to look like a natural accident. Inside Natan's, technicians couldn't make sense of it. The centrifuges were breaking down, but careful inspection turned up nothing unusual.

Suspecting subterfuge, Natan's officials started turning on each other. Several of the technicians were fired, and those remaining were told to physically guard the centrifuges with their lives. And all the while, their computers told them everything was just fine. The first inkling nuclear inspectors had that something was off here came in January 2010.

Suspecting subterfuge, Natan's officials started turning on each other. Several of the technicians were fired, and those remaining were told to physically guard the centrifuges with their lives. And all the while, their computers told them everything was just fine. The first inkling nuclear inspectors had that something was off here came in January 2010.