Hard-Rocking Cyberattack Said to Strike Iranian Nuclear Plants
A detail of the original Australian cover of AC/DC's 1979 LP 'Highway to Hell.'
CREDIT: Albert Productions
An attack by Australian hard-rocking hackers? Another American network penetration? Or just a hoax?
The Iranian nuclear program is being hit once again by a cyberattack, according to an email received by well-known cybersecurity researcher Mikko Hypponen.
"Our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility, Fordo, near Qom," read the email, according to Hypponen's blog posting today (July 23).
But instead of sneaking stealthily into the Iranian systems, as did the Stuxnet and Flame worms, this piece of malware is making its presence known loud and clear.
"There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out," the email said. "I believe it was playing 'Thunderstruck' by AC/DC."
Legit email address
Hypponen said that he had no way of verifying the allegations, but said the email did come from an address within the Atomic Energy Organization of Iran.
"According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN [virtual private network]," said the email. "The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert."
Metasploit is a network-security penetration-testing tool that is available in both free and paid editions and can be easily found online. It's used to test networks and computers for vulnerabilities.
Stuxnet, the world's first known cyberweapon, was a worm that attacked the Iranian uranium-processing facility at Natanz in the summer of 2010.
It infected programmable logic controllers made by the German company Siemens and made centrifuges spin out of control and destroy themselves, setting back the Iranian nuclear program by at least several months.
In June, the New York Times asserted that Stuxnet was a joint production of the American and Israeli intelligence services. Neither country denied it, and the U.S. launched a probe into the leak.
Flame, an extremely sophisticated piece of spyware discovered in late May of this year, may actually date back to 2007. A Washington Post story said that it, too, was created by the United States and Israel and was used to map out Iranian networks in preparation for Stuxnet.
This past Friday, President Barack Obama, who, according to the Times, authorized Stuxnet's use against Iran, wrote an opinion piece for the Wall Street Journal urging passage of legislation to prevent Stuxnet-like attacks against the U.S.