When I started my computer science program, and was taking the first of the introductory classes during fall 2009, our Alice prof mentioned the need for programmers with security training to “harden” critical utility infrastructure. This was before the Stuxnet computer virus did its thing to the Iran centrifuges. Having a bit of life experience, my immediate conclusion was that if the threat had been identified, and was actively being discussed within the U.S., it was because there were tools capable of doing so either in development at a skunkworks, or already deployed against enemies of the U.S.
Nine months later, Kaspersky Labs first identified the Stuxnet virus used to destabilize the Iranian uranium centrifuges. This article, published by the IEEE’s Spectrum magazine this month, tells the story in some detail.