A silent attack, but not a subtle one
The Stuxnet worm was no different.
The most striking aspect of the fast-spreading malicious computer program — which has turned up in industrial programs around the world and which Iran said had appeared in the computers of workers in its nuclear project — may not have been how sophisticated it was, but rather how sloppy its creators were in letting a specifically aimed attack scatter randomly around the globe.
The malware was so skillfully designed that computer security specialists who have examined it were almost certain it had been created by a government and is a prime example of clandestine digital warfare. While there have been suspicions of other government uses of computer worms and viruses, Stuxnet is the first to go after industrial systems. But unlike those other attacks, this bit of malware did not stay invisible.
If Stuxnet is the latest example of what a government organization can do, it contains some glaring shortcomings. The program was splattered on thousands of computer systems around the world, and much of its impact has been on those systems, rather than on what appears to have been its intended target, Iranian equipment. Computer security specialists are also puzzled by why it was created to spread so widely.
Global alarm over the deadly computer worm has come many months after the program was suspected of stealthily entering an Iranian nuclear enrichment plant, perhaps carried on a U.S.B. memory drive containing the malware.
Computer security specialists have speculated that once inside the factory and within the software that controls equipment, the worm reprogrammed centrifuges made by a specific company, Siemens, to make them fail in a way that would be virtually undetectable. Whether the program achieved its goal is not known.
Much speculation about the target has focused on the Iran nuclear plant at Natanz. In mid-July the Wikileaks Web site reported that it had learned of a serious nuclear accident at the plant. But international nuclear inspectors say no evidence of one exists.
The timing is intriguing because a time stamp found in the Stuxnet program says it was created in January, suggesting that any digital attack took place long before it was identified and began to attract global attention.
The head of the Bushehr nuclear plant in Iran said Sunday that the worm had affected only the personal computers of staff members, Reuters reported. Western nations say they do not believe Bushehr is being used to develop nuclear weapons. Citing the state-run newspaper Iran Daily, Reuters reported that Iran’s telecommunications minister, Reza Taghipour, said the worm had not penetrated or caused “serious damage to government systems.”
Siemens has said that the worm was found in only 15 plants around the world using its equipment and that no factory’s operations were affected. But now the malware not only is detectable, but also is continuing to spread through computer systems around the world through the Internet.