Monday, September 27, 2010

Computer World:

Iran nuke SCADAs saturated with Stuxnet infection
By Richi Jennings. September 26, 2010.

Let's play... Global Thermonuclear War. The Stuxnet worm, "the most sophisticated malware ever," has been discovered infesting Iran's nuclear installations. There's growing speculation that these were indeed the intended targets of what the mainstream continues to call a "virus" -- it only infects certain Siemens SCADA systems in specific configurations. There's also speculation that it's state-sponsored malware, with fingers pointing at either Israel or the U.S. Let's take a look, in The Long View...

It must be said, our own Gregg Keizer has come in for some stick on this. He's been leading the reporting of suspicion that Stuxnet's authors deliberately targeted Iran's atomic energy systems. Also, by implication, targeting the nuclear weapons program that's suspected of running parallel to it.

However, evidence continues to pile up that Gregg was right on:

Officials in Iran have confirmed that the Stuxnet worm infected at least 30,000 Windows PCs in the country ... the total number of infected Windows PCs may be considerably larger.
...
Iran's Atomic Energy Organization ... met this week to discuss how to remove the malware. ... Stuxnet has been attacking SCADA systems since at least January. ... Government officials said that "serious damage that caused damage and disablement" had been reported.
So, it's looking more and more like Gregg's angle was justified. Time will tell, I suppose.

It's hugely significant that Iran is in fact acknowledging the problem now. The worry is that this 30,000 datum is actually way under-played. As Richard Silverstein notes:

Until now, western security experts were the only ones reporting on ... Stuxnet. No Iranian sources were willing to speak publicly. ... But the fact that this article quotes “Iranian nuclear experts” confirms that the worm has infected Iran’s nuclear complexes. The only thing left to know is whether the most damaged site was Natanz, the only known plant enriching uranium which might be used in producing a nuclear weapon.
Why would anyone believe that the 30,000 figure is accurate? It's a reasonable assumption that the regime would under-report the extent of the infection.

Naturally, there are those who see the hand of Israel behind the curtain. The pseudonymous T.S. caused howls of rage in the Economist's comments section:

Its unusual sophistication ... has prompted speculation that it is the work of a well-financed team working for a nation state, rather than a group of rogue hackers. ... This, in turn, has led to suggestions that Israel, known for its high-tech prowess and (ahem) deep suspicion of Iran's nuclear programme, might be behind it. ...
If Stuxnet has been deliberately aimed at Iran, one possible target is its Bushehr nuclear reactor ... controlled by Siemens systems, including the WinCC software that Stuxnet targets. ... A rival theory is that the target was Iran's uranium-enrichment plant at Natanz, and that Stuxnet successfully shut down some of its centrifuges in early 2009.

Better than flying a couple of F16s over sovereign territory to drop bombs on it. Less risky, and far more plausibly deniable.

Still others look to American influence. Tariq Alhomayed writes from London:

Washington had previously considered initiating ‘electronic warfare’ against the regime of Saddam Hussein ... to ensure that Iraqi defense systems were crippled, and to prevent resistance. ... The idea was shelved, but it is certain that experts have been working since then to develop the idea of electronic warfare.
...
When Ahmadinejad says that Iran is the second strongest force bar America in ... the Middle East, he is absolutely right. ... All the elements of subversion are in the hands of Iran. ... Iran effectively controls Gaza through Hamas ... it ensures that the Hezbollah front continuously confronts Israel. ... It is consolidating the Iraqi sectarian divide ... disrupting the formation of the next Iraqi government. ... Iranian intervention in Yemen ... its attempt to destabilize the Gulf region by awakening a sense of sectarianism ... funding and laying sleeper cells within Gulf states.
Scary stuff. Now, if you'll excuse me, I'm going to watch the Formula 1 night race from Singapore.
