First publicly known nation-state cyber weapon designed to physically destroy industrial equipment. Targeted Iranian Siemens PLCs controlling uranium centrifuges with precision sabotage code.
Stuxnet's designers created a remarkably sophisticated piece of malware that could identify the specific configuration of Siemens S7-315 and S7-417 programmable logic controllers used in Iranian centrifuge arrays, ensuring it only activated its destructive payload when operating in the correct environment. The weapon's most innovative feature was its ability to cause centrifuges to spin at destructive speeds while reporting normal operation to Iranian monitoring systems, delaying discovery of the sabotage campaign by months. Stuxnet's discovery in 2010 inaugurated the era of public awareness about state-sponsored cyber weapons and fundamentally changed how nations think about critical infrastructure security.
Destroyed ~1,000 Iranian centrifuges at Natanz 2010; first acknowledged state-sponsored cyber-physical attack
Stuxnet was developed by NSA and Unit 8200 without public commercial contractors. The legacy of Stuxnet has driven massive investment in industrial cybersecurity firms including Claroty (private) and Dragos (private).