Image Credit: Symantec
Computers in Iran’s Bushehr nuclear reactor are among the 30,000 Iranian computers infected by the sophisticated “Stuxnet” worm, according to the IRNA news agency.
Iranian officials have acknowledged that the attack is still ongoing and that mutated versions continue to spread, although they deny that there has been any damage to the main systems at the plant.
The Stuxnet worm is thought to be the first of it’s kind to be able to affect the capabilities of bricks-and-mortar operations, such as power plants. The worm is self-replicating and is capable of not only stealing information from SCADA control devices, but also reprogramming them. It is also very effective at disguising both itself and the code that it injects, meaning that problems could remain even after the worm has been removed.
The sophistication of the attack and it’s targeting of Iran has led many to believe that the Bushehr nuclear reactor was the primary focus of the attack. The worm targeted no less than four previously unknown security vulnerabilities in the Windows operating system and was signed with two digital certificates that had been stolen from legitimate software companies.
Security experts largely agree that the sophistication of such an attack likely points to state actors. Eugene Kaspersky, co-founder and CEO of Kaspersky Lab, one of the companies involved in dissecting the walware, went so far as to call it a “cyber-weapon,” saying it was “designed to sabotage plants, to damage industrial systems.”
[googlemaps http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Bushehr,+Iran&sll=35.696111,51.423056&sspn=22.621191,49.130859&g=TEHRAN&ie=UTF8&hq=&hnear=Bushehr,+Iran&ll=29.649869,57.084961&spn=7.55817,21.928711&t=h&z=5&output=embed&w=500&h=200]