Super-Sophisticated Computer Virus Apparently Targeted Iran's Power Plants

By Jennifer Welsh | September 27, 2010 6:58 pm

hackerA virus has been popping up in industrial plants and personal computers worldwide, and is now posing a looming threat over Iran, where more than 60 percent of the computers infected with the virus are located.

Some experts believe that virus, first discovered in June, was developed by high-level government programmers (possibly from the US, Israel, or Germany), and is directed toward a specific target, most likely Iran’s Bushehr nuclear power plant. It is believed to have been around for over a year.

The virus was written to exploit five security vulnerabilities (four of which were previously unknown, and only two of which have been patched) in a piece of software used in many different industrial systems. The virus is inserted into the system using a thumbdrive, then spreads from computer to computer.

The malware was so skillfully designed that computer security specialists who have examined it were almost certain it had been created by a government and is a prime example of clandestine digital warfare. While there have been suspicions of other government uses of computer worms and viruses, Stuxnet is the first to go after industrial systems. [The New York Times]

To get that damage the virus works by specifically attacking a piece of Siemens software running on Windows computers in industrial operations ranging from electric grids and traffic lights to factories and power plants. The Iranian government is currently wiping the virus from computers at Bushehr, but claims that the virus hasn’t caused any damage.

The Iranian government confirmed this week that computers at Bushehr were infected by the worm, but representatives claim that the infection was isolated to a handful of noncritical systems and hasn’t disrupted the plant, which is in the final stages of construction and is expected to become operational in October. [Ars Technica]

And while its still up in the air as to if the virus has had the intended effect, its widespread presence worries some because it could be adapted by hackers, though currently the virus requires a specific configuration designed to cause damage to specific systems.

“Proliferation is a real problem, and no country is prepared to deal with it,” said Melissa Hathaway, a former United States national cybersecurity coordinator. The widespread availability of the attack techniques revealed by the software has set off alarms among industrial control specialists, she said: “All of these guys are scared to death. We have about 90 days to fix this before some hacker begins using it.” [The New York Times]

And some experts, like Eugene Kaspersky, co-founder and CEO of the Russian cyber-security firm Kaspersky, worry that this is just the first of a string of government-mediated software attacks.

“This malicious program was not designed to steal money, send spam or grab personal data. This piece of malware was designed to sabotage plants, to damage industrial systems. I am afraid this is the beginning of a new world. I am afraid now it is a new era of cyberwars and cyberterrorism.” [The Inquirer]

Related content:
80beats: Massive Spanish Botnet Busted, but Hacker Mastermind Remains Unknown
80beats: “Soupnazi” Hacker Pleads Guilty to Stealing Millions of Credit Card Numbers
80beats: Iran Blocks Gmail; Will Offer Surveillance-Friendly National Email Instead
80beats: Dueling Videos: Is Iranian Nuclear Scientist a Defector or Kidnap Victim?
Discoblog: Today’s Demonstration: How to Hack an ATM—With Video!
Discover Magazine: 20 Things You Didn’t Know About… Computer Hacking

Image: Flickr/Davide Restivo


Discover's Newsletter

Sign up to get the latest science news delivered weekly right to your inbox!


80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.

See More

Collapse bottom bar