view counter

Iran's bombExperts: Stuxnet worm wreaks havoc at Iran's nuclear sites

Published 10 December 2010

Iran’s nuclear program is still in chaos as a result of the Stuxnet attack; the American and European experts say their security Web sites, which deal with the computer worm known as Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic, an indication that the worm continues to infect the computers at Iran’s two nuclear sites; Stuxnet was designed to take over the control systems and evade detection, and it apparently was very successful; last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran’s nuclear sites, but he said it was detected and controlled; the second part of that claim, experts say, does not ring true

Ahmadinejad inspecting the Natanz facility // Source: guardian.co.uk

Iran’s nuclear program is still in chaos despite its leaders’ claim that they have contained the computer worm that attacked their facilities, cybersecurity experts in the United States and Europe say.

The American and European experts say their security Web sites, which deal with the computer worm known as Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic, an indication that the worm continues to infect the computers at Iran’s two nuclear sites.

Fox News reports that the Stuxnet worm, named after initials found in its code, is the most sophisticated cyberweapon ever created. Examination of the worm shows it was a cybermissile designed to penetrate advanced security systems. It was equipped with a warhead that targeted and took over the controls of the centrifuge systems at Iran’s uranium processing center in Natanz, and it had a second warhead that targeted the massive turbine at the nuclear reactor in Bashehr.

Stuxnet was designed to take over the control systems and evade detection, and it apparently was very successful. Last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran’s nuclear sites, but he said it was detected and controlled.

The second part of that claim, experts say, does not ring true.

Eric Byres, a computer expert who has studied the worm, said his site was hit with a surge in traffic from Iran, meaning that efforts to get the two nuclear plants to function normally have failed. The Web traffic, he says, shows Iran still has not come to grips with the complexity of the malware that appears to be still infecting the systems at both Bashehr and Natanz.

“The effort has been stunning,” Byres said. “Two years ago American users on my site outnumbered Iranians by 100 to 1. Today we are close to a majority of Iranian users.”

He said that while there may be some individual computer owners from Iran looking for information about the virus, it was unlikely that they were responsible for the vast majority of the inquiries because the worm targeted only the two nuclear sites and did no damage to the thousands of other computers it infiltrated.

At one of the larger American Web companies offering advice on how to eliminate the worm, traffic from Iran has swamped that of its largest user: the United States.

“Our traffic from Iran has really spiked,” said a corporate officer who asked that

view counter
view counter