According to many leading sources including security firm Symantec, security firm F-Secure and Ralph Langner, an industrial computer expert, the Stuxnet worm could only have been written by a ‘nation-state’. The sheer complexity of the worm indicates as much. These experts were quoted by the BBC.
If you’re not familiar with the worm, it is a malicious program that seems to have been programmed to target Iran. The infection rates of this worm have been much, much higher in the Middle Eastern nation than anywhere else. Symantec showed that nearly 60% of all infections were in Iran.
Liam O’Murchu, of security firm Symantec, told BBC News:
“The fact that we see so many more infections in Iran than anywhere else in the world makes us think this threat was targeted at Iran and that there was something in Iran that was of very, very high value to whomever wrote it.”
The strange thing about this worm is that it is the first known worm programmed to attack real-world physical infrastructure. Unlike other viruses, which attack by getting into a system through an internet connection, this worm infects Windows via a USB device such as a flash drive. In other words, someone has to physically place the worm into the system intended for infection.
Once inside the system, it is programmed to target a specific configuration of industrial control software made by Siemens. The worm has the power to reprogram the PLC (programmable logic controller), which is attached to industrial machinery, and give it new instructions.
In addition, it exploited several previously unknown and unpatched vulnerabilities in Windows, known as zero-day exploits. Microsoft has only patched two of the flaws.
Many believe that the worm was intended to disrupt the nuclear power plant Bushehr or the uranium enrichment plant at Natanz, which makes sense given that it has found its way heavily into Iranian infrastructure.
That is very likely, given Iran’s infection rate and the fact that it certainly was created by a nation state. The complexity of the worm was so great that experts say that it would have required a massive effort and a great deal of funding to create such a malicious program.
It’s funny how I just did a story on Cuba creating their own operating system to avoid situations just like this. I would think that Iran and Ahmadinejad might want to consider doing the same. The CIA is no stranger to using technology-based attacks on foreign countries.
And by request:
we will shed blood on the way of victory of the color of our flags
we will destroy capitalist lines with our mighty hammers
Sources:
http://www.symantec.com/connect/blogs/w32stuxnet-network-information
http://www.schneier.com/blog/archives/2010/09/the_stuxnet_wor.html