Stuxnet Bug Targets Iranian Power Plant
The Stuxnet computer worm that was first detected in June, 2010 may have been designed specifically to target an Iranian nuclear power plant, according to a security expert.
German security researcher Ralph Langner, CEO of Langner Communications, has theorized that Stuxnet -- a piece of malware that targets computers running Siemens software used in industrial control systems, and can be used to control these systems remotely – is targeting the Bushehr nuclear power facility in Iran.
Langner uses the high number of infections in Iran, and the delayed opening of the Bushehr plant to support his theory.
"It is hard to ignore the fact that the highest number of infections seems to be in Iran,” Langner wrote in a Sept. 16 entry in the ‘Stuxnet Logbook’ on his website, www.Langner.com. "Can we think of any reasonable target that would match the scenario? Yes, we can. Look at the Iranian nuclear program. Strange -- they are presently having some technical difficulties down there in Bushehr."
Langner then cites a UPI screenshot of a Bushehr plant running the malicious software .
"When I saw this screenshot last year I thought, these guys seem to be begging to be attacked,” he wrote.
Because of how highly studied Stuxnet currently is, Langner argued that its desired target has already been hit.
"So we can conclude that the planned time of attack isn't somewhere next year,” he writes. “I must assume that the attack did already take place. I am also assuming that it was successful.”
Langner’s analysis of Stuxnet points to implications never before seen in a traditional piece of malware. It’s his belief that unlike malware deployed for monetary gain or identification theft , Stuxnet – the “hack of the century,” he calls it -- is a type of “one-shot weapon” aimed at physically dismantling not just the computer system, but the plant itself.
"The attack involves heavy insider knowledge,” he writes. “This was assembled by a highly qualified team of experts, involving some with specific control system expertise. This is not some hacker sitting in the basement of his parents' house. To me, it seems that the resources needed to stage this attack point to a nation state.”
Microsoft has released several patches for Windows vulnerabilities related to Stuxnet, but there are still two flaws that Stuxnet is able to exploit that haven’t been patched, according to a Sept. 13 entry on Microsoft’s Security Response Center blog.