Stuxnet malware is 'weapon' out to destroy ... Iran's Bushehr nuclear plant?
The Stuxnet malware has infiltrated industrial computer systems worldwide. Now, cyber security sleuths say it's a search-and-destroy weapon meant to hit a single target. One expert suggests it may be after Iran's Bushehr nuclear power plant.
By Mark Clayton, Staff writer / September 21, 2010
Cyber security experts say they have identified the world's first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.
Last year, rumors began surfacing that Israel might be contemplating a cyber attack on Iran's nuclear facilities.
One of the things that Langner discovered is that when Stuxnet finally identifies its target, it makes changes to a piece of Siemens code called Organizational Block 35. This Siemens component monitors critical factory operations -- things that need a response within 100 milliseconds. By messing with Operational Block 35, Stuxnet could easily cause a refinery's centrifuge to malfunction, but it could be used to hit other targets too, Byres said. "The only thing I can say is that it is something designed to go bang," he said.
"We had anticipated that we could root out the virus within one to two months," Hamid Alipour, deputy head of Iran's Information Technology Co., a part of the ministry of communication and information technology, told the Islamic Republic News Agency. "But the virus is not stable, and since we started the cleanup process three new versions of it have been spreading," he said.
Ethics aside. . .
Each year since 1998, Russia has introduced a resolution at the United Nations calling for an international agreement to combat what it calls "information terrorism." Russian leaders worry that the Internet makes it so easy for people to communicate that a government could use the Internet to challenge another country's political system. Some Russian diplomats have actually revived an old Soviet term — "ideological aggression" — to describe what governments could do to each other via the Internet.
At a U.N. disarmament conference in 2008, Sergei Korotkov of the Russian Defense Ministry argued that anytime a government promotes ideas on the Internet with the goal of subverting another country's government — even in the name of democratic reform — it should qualify as "aggression." And that, in turn, would make it illegal under the U.N. Charter.
"Practically any information operation conducted by a state or a number of states against another state would be qualified as an interference into internal affairs," Korotkov said through an interpreter. So any good cause, like [the] promotion of democracy, cannot be used as a justification for such actions."
...There are many competing explanations for myrtus, which could simply signify myrtle, a plant important to many cultures in the region. But some security experts see the reference as a signature allusion to Esther, a clear warning in a mounting technological and psychological battle as Israel and its allies try to breach Tehran’s most heavily guarded project. Others doubt the Israelis were involved and say the word could have been inserted as deliberate misinformation, to implicate Israel.
“...The Iranians are already paranoid about the fact that some of their scientists have defected and several of their secret nuclear sites have been revealed,” one former intelligence official who still works on Iran issues said recently. “Whatever the origin and purpose of Stuxnet, it ramps up the psychological pressure.”