New Stuxnet whodunit: Malware existed two years earlier than anyone knew



Iranian President Mahmoud Ahmadinejad (C) visits the Natanz uranium enrichment facilities.



(Credit: Getty Images)

Cyber security professionals -- especially in Iran -- woke up today to the latest twist in the history of cyberwarfare when researchers at Symantec said they discovered a version of the Stuxnet computer virus which predates by two years the cyber weapon that was used to sabotage Iran's main nuclear enrichment facilities.

The U.S. and Israel are widely believed to be behind Stuxnet, although neither country has claimed authorship publicly. (The New York Times reported last year that President George W. Bush initiated the attacks, a program which has continued in the Obama administration.) Stuxnet first came to public light for the role it played in a 2007 attack against Iran's uranium enrichment facility. But in an 18-page report released on Tuesday, Symantec said it had found a string of code it called "Stuxnet 0.5," which dates back to 2005.

Whoever the author, or authors, may be, Symantec paid them a compliment for creating "a complicated and sophisticated piece of malware requiring a similar level of skill and effort to produce" with Stuxnet 0.5, which Symantec termed "the missing link." When Stuxnet was discovered in July 2010, it was recognized as one of the most sophisticated pieces of malware ever written. What's more, it proved that malicious programs could successfully wreak havoc on critical national infrastructure.

The virus targeted computers running Siemens software used in industrial control systems. All told, it infected software in at least 14 industrial sites in Iran and is thought to be the first known malware to target the controls at industrial facilities.

Symantec said that Stuxnet became more aggressive in subsequent incarnations. The original attack code was used to sabotage valves important to the uranium enrichment process with the intent of damaging the centrifuges and the system as a whole, according to Symantec. Stuxnet 0.5 didn't go after the uranium enrichment centrifuges directly. Instead, it was created to shut off the valves that supplied uranium hexafluoride gas into the centrifuges. That, in turn, inflicted damage on the centrifuges and the uranium enrichment system. Later versions released in 2009 and 2010 were deployed in attacks on the Natanz facility.

It's unclear how effective Stuxnet 0.5 was or what level of success it achieved.
