Computer Virus Targets Iran’s Nuclear Infrastructure

Flag of IranIt was only a matter of time before governments started using viruses to attack other nations’ computers. I wonder which agency was behind this one, reported by the BBC:

One of the most sophisticated pieces of malware ever detected was probably targeting “high value” infrastructure in Iran, experts have told the BBC.

Stuxnet’s complexity suggests it could only have been written by a “nation state”, some researchers have claimed.

It is believed to be the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units. It was first detected in June and has been intensely studied ever since.

“The fact that we see so many more infections in Iran than anywhere else in the world makes us think this threat was targeted at Iran and that there was something in Iran that was of very, very high value to whomever wrote it,” Liam O’Murchu of security firm Symantec, who has tracked the worm since it was first detected, told BBC News.

Some have speculated that it could have been aimed at disrupting Iran’s delayed Bushehr nuclear power plant or the uranium enrichment plant at Natanz. However, Mr O’Murchu and others, such as security expert Bruce Schneier, have said that there was currently not enough evidence to draw conclusions about what its intended target was or who had written it.

Initial research by Symantec showed that nearly 60% of all infections were in Iran. That figure still stands, said Mr O’Murchu, although India and Indonesia have also seen relatively high infection rates…

[continues at the BBC]

, ,

  • Liam_McGonagle

    Well, scary as this is, it’s not actually unprecedented. Remember the Russian attacks on Estonia in 2007?

    http://www.wired.com/politics/security/magazine/15-09/ff_estonia

    Or the Russian attacks on Georgia in 2008?

    http://www.zdnet/blog/security/coordinated-russia-vs-georgia-cyber-attack-in-progress/1670

    Yeah, the structure of the code in this latest case seems much more sophisticated. And I don’t recall water and electricity facilities being hit in either Georgia or Estonia, but the government’s sites were point out of commission in both cases. As were computerized banking services in Estonia, which is bad enough.

  • Anonymous

    Well, scary as this is, it’s not actually unprecedented. Remember the Russian attacks on Estonia in 2007?

    http://www.wired.com/politics/security/magazine/15-09/ff_estonia

    Or the Russian attacks on Georgia in 2008?

    http://www.zdnet/blog/security/coordinated-russia-vs-georgia-cyber-attack-in-progress/1670

    Yeah, the structure of the code in this latest case seems much more sophisticated. And I don’t recall water and electricity facilities being hit in either Georgia or Estonia, but the government’s sites were point out of commission in both cases. As were computerized banking services in Estonia, which is bad enough.

  • Haystack

    Iran should seek out the state sponsor of terrorism that has been sabotaging their infrastructure.

  • Haystack

    Iran should seek out the state sponsor of terrorism that has been sabotaging their infrastructure.

  • http://www.best-registrycleaner.net Best Registry Cleaner

    Some have speculated that it could have been aimed at disrupting Iran’s delayed Bushehr nuclear power plant or the uranium enrichment plant at Natanz.

21