A computer worm that has infected industrial computers around the world may be part of a campaign targeting nuclear installations in Iran, computer-security researchers said.

Iranian media reports say the country’s nuclear agency is trying to combat a complex computer worm that has affected industrial sites in Iran and is capable of taking over power plants.

The semi-official ISNA news agency says Iranian nuclear experts met this week to discuss how to remove the malicious computer code, dubbed Stuxnet, which can take over systems that control the inner workings of industrial plants.
Experts in Germany discovered the worm in July. It has since shown up in attacks in Iran, Indonesia, India and the U.S.

Friday’s report said the malware had spread throughout Iran, but did not elaborate. Foreign media reports have speculated the worm was aimed at disrupting Iran’s first nuclear power plant, which is to go online in October.

The worm’s sophisticated programming and ability to hide itself suggest it may have been built by a government-sponsored organization in a country such as the U.S. or Israel, said Frank Rieger, technology chief at GSMK, a maker of encrypted mobile phones.

He estimated that building the worm cost at least $3 million and required a team of as many as 10 skilled programmers working about six months.

Until now, western security experts were the only ones reporting on and analyzing Stuxnet. No Iranian sources were willing to speak publicly about it. But the fact that this article quotes “Iranian nuclear experts” confirms that the worm has infected Iran’s nuclear complexes. The only thing left to know is whether the most damaged site was Natanz, the only known plant enriching uranium which might be used in producing a nuclear weapon, as I’ve speculated.

Well, that’s not exactly the only thing left to know. An equally intriguing question is who devised and planted the malware (how they did it would be interesting as well). The Iranians can’t very well blame Israel or the U.S. because to do so would acknowledge the damage Stuxnet has caused.

0 comments