Iranian nuclear plants likely target of foiled cyber sabotage

[ErnstBlofeld]

The Guardian:



Iran was the likely target of a sophisticated computer worm designed to sabotage factories and infrastructure which was almost certainly the work of a national government agency, security experts told the Guardian yesterday.

According to the security company Symantec, 60% of the computers infected by the Stuxnet computer worm are in Iran, which is where the malicious software, known as malware, was discovered by a Belarussian computer security company.

Stuxnet has been described as one the "most refined pieces of malware ever discovered". What makes it even more unusual is that it is aimed, not at financial gain, but at sabotaging computer-controlled infrastructure including nuclear plants.

There was speculation among experts yesterday that the target could have been the Bushehr nuclear reactor in Iran — which was loaded with Russian uranium fuel last month – and that Israeli hackers were behind the sophisticated operation. But security analysts said it may be impossible to identify the perpetrators.

The computer security firm, Symantec, which has been charting Stuxnet's spread, estimates that the group behind it would have been well funded, comprising between five and 10 people, and that it would have taken six months to prepare.

Stuxnet works by exploiting previously unknown security holes in Microsoft's Windows operating system. It then seeks out a component, called Simatic WinCC, manufactured by Siemens, which controls factory operations. Siemens was involved in the design of the Bushehr plant.

Alan Bentley, senior international vice president at the security firm Lumension, said Stuxnet was "the most refined piece of malware ever discovered", and that the worm was significant because "mischief or financial reward wasn't its purpose, it was aimed right at the heart of a critical infrastructure".

Graham Cluley, senior consultant with the online security company Sophos, said: "There is circumstantial evidence to suggest Iran was the target of Stuxnet. We know the worm was designed with a specific target in mind – its makeup and the way it executes render the telltale signs.