Sophisticated computer worm designed to disable nuclear plants
German researcher Ralph Langner was the first to suggest that the Bushehr nuclear power plant in Iran was the Stuxnet target…..Frank Rieger, chief technology officer at Berlin security firm GSMK, believes it’s more likely that the target in Iran was a nuclear facility in Natanz….The new information released by Symantec last week supports this speculation…..
Clues Suggest Stuxnet Virus Was Built for Subtle Nuclear Sabotage , Wired.com, By Kim Zetter , November 15, 2010 New and important evidence found in the sophisticated “Stuxnet” malware targeting industrial control systems provides strong hints that the code was designed to sabotage nuclear plants, and that it employs a subtle sabotage strategy that involves briefly speeding up and slowing down physical machinery at a plant over a span of weeks.
“It indicates that [Stuxnet’s creators] wanted to get on the system and not be discovered and stay there for a long time and change the process subtly, but not break it,” says Liam O Murchu, researcher with Symantec Security Response, which published the new information in an updated paper (.pdf) on Friday.
The Stuxnet worm was discovered in June in Iran, and has infected more than 100,000 computer systems worldwide. At first blush it appeared to be a standard, if unusually sophisticated, Windows virus designed to steal data, but experts quickly determined it contained targeted code designed to attack Siemens Simatic WinCC SCADA system. SCADA systems, short for “supervisory control and data acquisition,” are control systems that manage pipelines, nuclear plants, and various utility and manufacturing equipment……..
The malware appears to have begun infecting systems in January 2009. In July of that year, the secret-spilling site WikiLeaks posted an announcement saying that an anonymous source had disclosed that a “serious” nuclear incident had recently occurred at Natanz. Information published by the Federation of American Scientists in the United States indicates that something may indeed have occurred to Iran’s nuclear program. Statistics from 2009 show that the number of enriched centrifuges operational in Iran mysteriously declined from about 4,700 to about 3,900 beginning around the time the nuclear incident WikiLeaks mentioned would have occurred.
Researchers who have spent months reverse-engineering the Stuxnet code say its level of sophistication suggests that a well-resourced nation-state is behind the attack……..
German researcher Ralph Langner was the first to suggest that the Bushehr nuclear power plant in Iran was the Stuxnet target. Frank Rieger, chief technology officer at Berlin security firm GSMK, believes it’s more likely that the target in Iran was a nuclear facility in Natanz. The Bushehr reactor is designed to develop non-weapons-grade atomic energy, while the Natanz facility, a centrifuge plant, is designed to enrich uranium and presents a greater risk for producing nuclear weapons.
The new information released by Symantec last week supports this speculation…..
No comments yet.