Berlin International Film Festival and Zero-Day Exploits
At the Berlin International Film Festival 2016, Oscar-winning director Alex Gibney takes on the topic of Zero-Day exploits with a prominent example: The computer worm Stuxnet. Many films of this year ’s film festival in Berlin are exciting and worth watching. But, we are most excited about the documentary Zero Days, which deals with the steady and fast rising cyber world and its vulnerabilities. What happens when hackers and institutions not only steal and destroy data, but use malware to control machines, systems and networks using zero-day exploits?
Stuxnet: The First Cyber Weapon
The movie centers around the computer worm Stuxnet, which can be described as the first digital weapon and part of Operation NITRO ZEUS, which is said to originate from the US and Israel, with the aim to disrupt the Iranian nuclear program. The worm causes real damage in machines which are controlled by the Computers that are affected. At the Iranian nuclear plant in Natanz centrifuges that separate nuclear material have been destroyed. If the worm was actually designed and spread by the US and Israeli Government – it is vehemently denied, but Gibney aims to prove it by interpreting the code of the worm and other findings – then this means that Stuxnet is part of the first, actual cyber war. Director Gibney calls it the most complex cyber war plan that the US ever designed (German source: Zeit).
The title of the film refers to so called zero-day exploits, which are attacks that take advantage of unknown vulnerabilities in software. The name comes from the fact that in the case of an attack there are zero days left – which means no time at all – to fix the vulnerability. The damage is already done. Very often, those vulnerabilities only become publicly known after a zero-day exploit happens. Afterwards, the developer of the software tries to create a patch. Before they do that, even antivirus software cannot protect the system from that malware. According to Wired-author Kim Zetter, who wrote a book about Stuxnet (Countdown to Zero Day), the worm used several zero-day vulnerabilities, for example the print-spooler zero-day exploit, which Kaspersky Lab later found in the Code of the targeted Siemens computers.
Human Hosts Used to Spread the Worm
Another interesting point are the different ways to distribute the worm. The malware was programmed in a way that it could also reach computers which are not online; it can spread over USB flash drives. To reach the nuclear power plant, which operates offline, potential contractors were infected with the worm. Their systems are connected to the internet and their security standards are probably lower than the ones at a military facility. The worm infected the USB drives of those companies and through them found its way to the high security facility. Industrial and military facilities depend on outside contractors and are therefore vulnerable, since many companies don’t train their employees sufficiently in cyber security and risks.
Zero Days offers exciting and scary insights about the possibilities of cyber warfare and directs public attention towards the important topic of cybersecurity. Because of its great investigative efforts it would have more than deserved to be the first documentary to win the Golden Bear at the International Film Festival Berlin.