November 15, 2010, 10:01 AM — Researchers have uncovered new clues that the Stuxnet worm may have been created to sabotage Iranian attempts to turn uranium into atomic bomb-grade fuel.
According to Eric Chien, one of three Symantec researchers who have dug into Stuxnet, the worm targets industrial systems that control very high speed electrical motors, such as those used to spin gas centrifuges, one of the ways uranium can be enriched into fissionable material.
[ See also: More Evidence Stuxnet Was Aimed at Iran ]
One expert called Symantec's discovery "very interesting indeed."
Chien reported Symantec's new findings in a blog post last Friday and in a revised paper first published in September.
Stuxnet, considered by many security researchers to be the most sophisticated malware ever , targeted Windows PCs that managed large-scale industrial-control systems in manufacturing and utility companies. Those control systems, called SCADA, for "supervisory control and data acquisition," operate everything from power plants and factory machinery to oil pipelines and military installations.
Since the worm was first detected in June, researchers have come to believe that it was crafted by a state-sponsored team of programmers, and designed to cripple Iran's nuclear program.
In September, Iran officials confirmed that Stuxnet infected 30,000 PCs in the country, but have denied that the worm had caused any significant damage or infiltrated the SCADA systems at the Bushehr nuclear reactor.
Symantec's latest analysis indicates that the reactor was not the target. Instead, Stuxnet aimed to disrupt uranium enrichment efforts.
Stuxnet looks for devices called "frequency converter drives" connected to a SCADA system, said Chien. Such drives take electrical current from a power grid, then change the output to a much higher frequency, typically 600 Hz or higher.