Stuxnet malware is ‘weapon’ out to destroy … Iran’s Bushehr nuclear plant?
The Christian Science Monitor reports: “Cyber security experts say they have identified the world’s first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.
The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security experts now say Stuxnet’s arrival heralds something blindingly new: a cyber-weapon created to cross from the digital realm to the physical world – to destroy something.
At least one expert who has extensively studied the malicious software, or malware, suggests Stuxnet may have already attacked its target – and that it may have been Iran’s Bushehr nuclear power plant, which much of the world condemns as a nuclear weapons threat…
So far, Stuxnet has infected at least 45,000 industrial control systems around the world, without blowing them up – although some victims in North America have experienced some serious computer problems, Eric Byres, a Canadian expert, told the Monitor. Most of the victim computers, however, are in Iran, Pakistan, India, and Indonesia. Some systems have been hit in Germany, Canada, and the US, too. Once a system is infected, Stuxnet simply sits and waits – checking every five seconds to see if its exact parameters are met on the system. When they are, Stuxnet is programmed to activate a sequence that will cause the industrial process to self-destruct, Langner says.
Langner’s analysis also shows, step by step, what happens after Stuxnet finds its target. Once Stuxnet identifies the critical function running on a programmable logic controller, or PLC, made by Siemens, the giant industrial controls company, the malware takes control. One of the last codes Stuxnet sends is an enigmatic DEADF007. Then the fireworks begin, although the precise function being overridden is not known, Langner says. It may be that the maximum safety setting for RPMs on a turbine is overridden, or that lubrication is shut off, or some other vital function shut down. Whatever it is, Stuxnet overrides it, Langners analysis shows…
A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability.
Could Stuxnet’s target be Iran’s Bushehr nuclear power plant, a facility much of the world condemns as a nuclear weapons threat?
Langner is quick to note that his views on Stuxnet’s target is speculation based on suggestive threads he has seen in the media. Still, he suspects that the Bushehr plant may already have been wrecked by Stuxnet. Bushehr’s expected startup in late August has been delayed, he notes, for unknown reasons. (One Iranian official blamed the delay on hot weather.)
But if Stuxnet is so targeted, why did it spread to all those countries? Stuxnet might have been spread by the USB memory sticks used by a Russian contractor while building the Bushehr nuclear plant, Langner offers. The same contractor has jobs in several countries where the attackware has been uncovered…” (This dangerous invention fulfills at least three Scripture passages – Daniel 12:4; II Timothy 3:1, 2; II Timothy 3:13. See also the next three reports.)
Iran’s nuclear agency battles virus that can bring down power plants
Haaretz reports: “Iranian media reports said that the country’s nuclear agency is trying to combat a complex computer worm that has affected industrial sites in Iran and is capable of taking over power plants.
The computer virus, which attacks a widely used industrial system, appears aimed mostly at Iran and its sophistication suggests a state may have been involved in creating it, Western cyber security companies said earlier.
Kevin Hogan, Senior Director of Security Response at Symantec told Reuters 60 percent of the computers worldwide infected by the so-called Stuxnet worm were in Iran, indicating industrial plants in that country were the target.
European digital security company Kaspersky Labs said the attack could only be conducted with nation-state support.
Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world, it said in a statement about the virus, which attacks Siemens AG’s widely used industrial control systems.
The companies’ remarks are the latest in a series of specialist commentary stirring speculation that Iran’s first nuclear power station, at Bushehr, may have been targeted in a state-backed attempt at sabotage or espionage.
It’s pretty clear that based on the infection behavior that installations in Iran are being targeted, Hogan said of the virus…”
Coding of Virus Attacking Iran May Refer to Queen Esther
Israel National News reports: “Iranian Intelligence Minister Heider Moslehi said that his country is under cyber-attack, and blamed the United States and Israel. Iranian officials initially admitted that their country had been hit by the Stuxnet computer virus, but insisted that the damage was minimal.
Iran has been forced to push back the opening of the nuclear plant in Bushehr. Senior Information and Technology official Hamid Alipour admitted that while Iranian officials had hoped to clean up the virus in under two months, that hope had been proven unrealistic. The virus is not stable, and since we started the cleanup process, three new versions have been spreading, he said.
Stuxnet hit Iran much harder than any other nation, affecting an estimated 62,000 systems. A total of 100,000 computers are thought to have been hit with the virus worldwide. The virus was made to target software created by the German company Siemens; Iran relies heavily on Siemens systems.
Israel has been among the top suspects in the creation of the Stuxnet worm, due both to Israeli opposition to Iran’s unsupervised nuclear program, and to the complexity of the virus, which experts say could only have been created by a team with significant funding, resources and expertise.
Stuxnet is uniquely dangerous in that it cannot only cause damage to a system, but can take control of facilities, producing physical, real-world results to an attack. The virus also studies its targets, determining which type of system it has entered before deciding whether or not to attack. To date, it has entered primarily systems that control critical infrastructure…”
Analysis: Could Iran retaliate for apparent cyber-attack?
Reuters reports: “Iran has limited capacity to retaliate in kind to an apparent cyber-attack that infected computers at its sole nuclear power plant, analysts say, but some worry it could seek to hit back by other means.
Security experts say they believe the release of the Stuxnet computer worm may have been a state-backed attack on Iran’s nuclear program, most likely originating in the United States or Israel. But they say the truth may never be known.
Little information is available on how much damage, if any, Iran’s nuclear and wider infrastructure has suffered from Stuxnet — and Tehran will probably never share the full details. Officials said on Sunday the worm had hit staff computers at the Bushehr nuclear power plant but had not affected major systems there.
Some analysts believe Iran may be suffering wider sabotage aimed at slowing down its nuclear ambitions, and point to unexplained technical problems that have cut the number of working centrifuges in its uranium enrichment program.
In the short term, intelligence experts believe Tehran’s priority will be trying to identify the source of the attack and examining how the worm was uploaded onto its systems. The Iranian internal security and counterintelligence departments will need to nail down the culprits first, then work out how to turn the tables, said Fred Burton, a former U.S. counterintelligence expert who is now vice president of political risk consultancy Stratfor.
But finding reliable evidence identifying which country or group was responsible might well prove impossible, increasing the probability of a more unofficial and deniable reaction.
Some analysts suggest Iran might like to retaliate with a cyber-attack against Israel or the West — although there are question marks over its capability to do so.
I don’t think we can expect much in the way of retaliatory cyber-attacks, said regional analyst Jessica Ashooh. The Iranians simply don’t have the technical capacity to do anything similar to properly protected systems — as evidenced by the very hard time they are having controlling and quarantining this attack.…” (The cocky little Ahmadinejad who boasted at the UN about Irans glorious and victorious future may soon face even greater humiliation – Proverbs 6:16 – 19; 16:18.)
Iran blames Bushehr nuclear plant delay on ‘small leak’, not virus
Haaretz reports: “A small leak in a pool near the reactor caused a delay in starting up Iran’s first nuclear power plant but it has now been fixed, a senior official was quoted as saying.
Ali Akbar Salehi, head of Iran’s Atomic Energy Organization, also said the delay had nothing to do with the global Stuxnet computer virus believed mainly to have affected Iran.
Earlier, Iranian officials said Stuxnet had hit staff computers at Bushehr, a symbol of Iran’s growing geopolitical sway and rejection of international efforts to curb its nuclear activity. But the virus had not affected major systems there, they said.
Security experts say the release of Stuxnet may have been a state-backed attack on Iran’s nuclear program, most likely originating in the United States or Israel, which accuse the country of seeking to develop atomic bombs. Iran denies this.
When Iran began loading fuel into Bushehr in August, officials said it would take two to three months for the plant to start producing electricity and that it would generate 1,000 megawatts, about 2.5 percent of the country’s power usage.
But Salehi said the fuel would soon be transferred to the core of the reactor and the plant would begin supplying energy in 2011, signaling a delay in its start-up.
He gave further details saying a small leak was observed in a pool next to the reactor and was curbed, the official IRNA news agency reported…” (Another lie by Irans professional deceiver. Heres why – “Ye are of your father the devil, and the lusts of your father ye will do. He was a murderer from the beginning, and abode not in the truth, because there is no truth in him. When he speaketh a lie, he speaketh of his own: for he is a liar, and the father of it” John 8:44.)