Advanced Computer Worm Was Specifically Designed to Attack Iranian Nuclear Reactor, Experts Say And the culprit is likely a nation-state

By Rebecca Boyle Posted 09.22.2010 at 1:56 pm 14 Comments


Atomic Iran Iran's quasi-official news agency released this image in an attempt to illustrate their nuclear intentions. The new Bushehr reactor is the country's first nuclear power plant. Iranian Students News Agency
The sophisticated computer worm called Stuxnet, which has been targeting industrial operations around the world, was likely designed to take out Iran’s new Bushehr nuclear reactor, cybersecurity experts say. It’s the first known cyber-super-weapon designed to destroy a real-world target, reports the Christian Science Monitor.

Researchers studying the worm say it was built by an advanced attacker with plentiful resources — possibly a nation-state. Initially, experts thought it was designed for industrial espionage, but upon examining its code, they now think it was built for sabotage.

Ralph Langner, an expert on industrial systems security, has been studying Stuxnet since it was first discovered at a Belarus-based security firm in June. In a blog post last week, he said the worm was most likely assembled by a team of experts with heavy insider knowledge: “This is not some hacker sitting in the basement of his parents’ house. To me, it seems that the resources needed to stage this attack point to a nation state,” he wrote.

He speculates that the target is Iran’s Bushehr reactor, currently under construction. To reach this conclusion, he partly relied upon a UPI picture of the reactor’s operations plant, showing Siemens PLC software.

Stuxnet has targeted Siemens-operated industrial facilities like power plants and chemical factories. It has spread via USB flash drives and through copying itself to new networks protected by weak passwords, according to a news release from Norman ASA, a network security firm.

As PCWorld explains, once Stuxnet identifies a target, it changes a specific piece of Siemens code that monitors critical operations — “things that need a response within 100 milliseconds.” By changing this crucial piece of code, Stuxnet could cause equipment to malfunction, sabotaging a refinery or factory.

So far, no one has ventured to guess which nation might have built Stuxnet. But PCWorld recalled speculation from last summer that Israeli officials were contemplating a cyber attack on Iran.

Langner wrote that whoever built the worm is going to get caught, because cyber-forensics will eventually smoke them out. They must not care about going to jail, he wrote.

If they represent a nation-state, there might be much bigger things to worry about — could Stuxnet represent an opening salvo in a cyber war?

As PCWorld explains...

How are these systems not completely isolated from the outside world?

The best security would be to use a punched-card control system with all data manually input with a hole-punch, but that would be crippling in terms of performance and reliability.

The best security is to have the machine switched off, disconnected from all cables, in a sealed room, that nobody can enter, surely?

As I am writing this, they're having a compromised web site (http://www.atomstroyexport.com/index-e.htm) that tries to download stuff from a malware site that had been shut down more than two years ago (www.bubamubaches.info). So we're talking about a company in nukes that seems to be running a compromised web presence for over two years? Strange.

Who, or maybe WHAT, is behind the Stuxnet worm?


The infamous Stuxnet worm is surrounded by cloak and dagger reports and conspiracy theories worthy of a movie plot. However, it's time to break out the tinfoil hats as some people question if nuclear systems have been attacked by an extraterrestrial cyber-worm. Wait, it gets even more bizarre than alien written worms because psychic spies are in on it too.

Okay, I admit it. I don't believe in E.T. or psychic spies, but I like a good conspiracy theory. I like to tell people to open their minds. I should take my own advice; what is truth to one person is fiction to another. Here is the "truth" mixed in with a couple of wild "conspiracy theories."

First, what we think is the truth: Stuxnet was created to attack Siemens SCADA system software like those that are used in power plants, oil pipelines and factory industrial control systems. It has exploited four zero-day vulnerabilities and used two valid certificates from JMicron and Realtek. Iran has admitted that machines at Bushehr nuclear reactor and at least 30,000 other Window's PCs have been infected with the Stuxnet worm. As reported by Gregg Keizer, Liam O Murchu, of Symantec's security response team, said Stuxnet can re-infect cleaned computers by embedding malicious DLL into Step 7 files. Now that is no conspiracy; that is impressively scary malware.

The Stuxnet worm is thought to have been developed for sabotage instead of espionage and spread via USB sticks...the same way that the Pentagon was attacked in 2008. Meanwhile, the Pentagon is refusing to confirm or deny if it launched the Iranian nuke worm attack.

The Associated Press stated, "A number of governments with sophisticated computer skills would have the ability to create such a code. They include China, Russia, Israel, Britain, Germany and the United States." As different security researchers point fingers at different nations, it might be interesting to point out that Homeland Security Newswire published Israel used cyber weapon to disrupt Iran's nuclear reactor.

If it were a movie, then we would look for misdirection to find the light of who created the cyber-weapon. Enter the mind-boggling theory that there is a connection between this cyber-arms invasion, 'psychic spies' and allegations of nuclear intrusion by UFOs.

The American Chronicle wrote, "Sources to STARstream Research have reported that U.S. government intelligence agencies targeted Iranian underground nuclear facilities using 'psychic spies' -- a method left over from the cold war, when the Defense Intelligence Agency collected psychic intelligence against the Soviet Union." Furthermore, the article talks of a Department of Defense report. "Questions of interest to the members of the intelligence community include discovering ways of reading the human mind (artificial telepathy), improving human cognitive performance, remote control of mental states, and machine-mind interfaces."

Starpod had previously reported on a psychic warning for terror threats to London and Paris, but updated its article as psychic spy intelligence confirmed by new terror threat reports. Chris Robinson, the 'dream detective' is allegedly part of that spy intelligence. Robinson claims to have been involved with U.S. intelligence officials following the 9-11 attacks and has warned other governments of impending attacks. ABC news stated that a senior U.S. official called the threats "credible." The Telegraph reported that an al-Qaeda terror plot to attack Britain was thwarted by a drone strike in Pakistan. Yet it doesn't state who specifically helped "Western intelligence agencies." MSNBC cited "unidentified intelligence sources" helped identify alleged terror plots planning simultaneous strikes in London, as well in France and Germany.

Since I don't really follow news on psychic spies or UFOs, more than an occasional sci-fi movie, I considered making a tinfoil hat when Wired's Danger Room explained that seven retired Air Force officers disclosed "that they witnessed the UFOs rendering U.S. nuclear missiles temporarily inoperable during the Cold War." AOL reported, UFOs have occasionally tampered with nuclear weapons sites for nearly 60 years. In a CNN video, UFO researcher Robert Hasting stated, "Declassified U.S. government and witness testimony from former or retired U.S. military personnel confirm beyond any doubt the reality of ongoing UFO incursion at nuclear weapon sites...This planet is being visited by beings from another world who for whatever reason have taken an interest in the nuke arm race that began at the end of WWII."

Many media sites said the United Nations was secretly ready to appoint the first ambassador to E.T. but the Guardian heard back from the supposed ambassador. Malaysian astropsychicist Mazlan Othman wrote, "It sounds really cool but I have to deny it."

Why would E.T. write a worm if aliens have the power to just shutdown nuclear systems? What if E.T. is not a little green man, but a nation-state intent upon putting the hurt to its enemies? Even with extraterrestrial aliens allegedly monitoring our nukes and psychic dreamers warning of terrorist attacks, there is no proof it's tied to the most dangerous malware ever written. The truth behind who created the Stuxnet worm is currently obscured.

Other Stuxnet theories suggest all of the "Stuxnet hype" was started just as the U.S. tries to justify cybersecurity laws and back door wiretaps in all communications. Some people believe in ghosts, so why not aliens? Some people believe Big Brother is watching, and although some believe that is paranoid, more and more people believe it's true. It depends who you are and what you consider a conspiracy, but it definitely would make a good sci-fi movie.

The best security is to have the machine switched off, disconnected from all cables, in a sealed room, that nobody can enter, surely?