Symantec sees Iranian nukes in Stuxnet worm

In code, researchers find attacks aimed at centrifuges

By  

The results are still not definitive, but researchers at Symantec said Friday they've found more evidence that the Stuxnet computer virus was aimed at Iran's Bushehr Nuclear Power Station as both credible and non-credible defense industry analysts have claimed.

The researchers, who labeled their findings a "breakthrough" and posted them on a company blog, wrote that Stuxnet was only designed to attack SCADA industrial-control systems like the ones inside Iran's Bushehr nuclear reactor station. They also found Stuxnet targeted particular high-speed frequency converter drives appropriate for centrifuges at a nuclear-fuel development plant and some other industrial environments, but which have far fewer applications than lower-frequency drives.

Stuxnet is designed to change the frequency of the drives over a period of months which, if it affected the centrifuges in a nuclear fuel plant, would make them operate far less efficiently than if they kept the optimized frequencies set by their operators, the researchers wrote.

Again, not a smoking gun. But more Iranian PCs were hit than any other country; the customized code discovered by a Belarus IT security company in July was on an Iranian man's computers; and the most sharply focused functions are ones that would slow or damage production in a nuclear fuel plant but not, presumably, in one producing Diet Coke.

That's an interesting string of coincidences in a business where there are supposed to be no coincidences. (There are, of course, but it's not a good idea to assume they're happening to you when you're running an [alleged] nuclear weapons plant that has been a thorn in the side of a country that's much better at making things that blow up than your country is at stopping them.

Of course, Bushehr had to be among the most secure, militarily sensitive places in the country and they were relying on the security in Windows. So you never know.

At least nothing exploded.

Kevin Fogarty writes about enterprise IT for ITworld. Follow him on Twitter @KevinFogarty.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question