By Robert McMillan
IDG News Service
September 21, 2010
A highly sophisticated computer worm that has spread through Iran,
Indonesia and India was built to destroy operations at one target:
possibly Iran's Bushehr nuclear reactor.
That's the emerging consensus of security experts who have examined the
Stuxnet worm. In recent weeks, they've broken the cryptographic code
behind the software and taken a look at how the worm operates in test
environments. Researchers studying the worm all agree that Stuxnet was
built by a very sophisticated and capable attacker -- possibly a nation
state -- and it was designed to destroy something big.
Though it was first developed more than a year ago, Stuxnet was
discovered in July 2010, when a Belarus-based security company
discovered the worm on computers belonging to an Iranian client. Since
then it has been the subject of ongoing study by security researchers
who say they've never seen anything like it before. Now, after months of
private speculation, some of the researchers who know Stuxnet best say
that it may have been built to sabotage Iran's nukes.
Last week Ralph Langner, a well-respected expert on industrial systems
security, published an analysis of the worm, which targets Siemens
software systems, and suggested that it may have been used to sabotage
Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a
Siemens industrial network and then analyzed the worm's attack.
Subscribe to InfoSec News - www.infosecnews.org