Iran confirms Stuxnet attack on nuclear site

Iran confirms Stuxnet attack on nuclear site

Summary: The Stuxnet malware has infected thousands of computers inside Iran, with officials calling the situation 'electronic war' against the country

TOPICS: Security

The Iranian Bushehr Nuclear Power Plant Executive confirmed on Sunday that its nuclear reactor project had been infected by the Stuxnet virus, but said that no significant harm had been done.

Stuxnet is complex self-replicating malware that uses Windows vulnerabilities to insert itself into Scada (supervisory control and data acquisition) industrial control systems made by Siemens, which it then scans for information to report back to its controllers over the internet. Under some conditions, it can then take control of the industrial systems.

Project manager Mahmoud Jaafari told the Islamic Republic News Agency that the virus had caused no damage to the main systems, and that the infection had been found in the personal computers of employees at the nuclear power plant. The incident had not delayed the completion of the plant, he said.

Read this

ITU head: Cyberwar could be 'worse than tsunami'

Hamadoun Toure, the UN agency's secretary-general, has called for a global 'cyber peace treaty' in the context of the 'new world order' of cyberspace

Read more+

On Saturday, the Iranian news agency Mehr reported that 30,000 industrial computer systems had been infected. The director of the Information Technology Council of the Industries and Mines Ministry, Mahmoud Liali, told the agency that "an electronic war has been launched against Iran".

"[The Siemens Scada systems] are the main target of the worm, and even if the infected IPs are rid of it, the danger will persist until the virus has not been completely eliminated from the country," Mehr said, according to the Iran Daily newspaper.

"When activated, Stuxnet starts transmitting data about industrial production lines and office automation to the destination determined for it. There, the data is processed by the architects of the worm to hatch plots against the country," it quoted Mehr as saying.

In a technical advisory issued on 17 September, Siemens said: "The behavioral pattern of Stuxnet suggests that the virus is apparently only activated in plants with a specific configuration... This means that Stuxnet is obviously targeting a specific process or a plant and not a particular brand or process technology and not the majority of industrial applications."

According to Symantec, some 60 percent of network traffic generated by Stuxnet over the summer came from Iran.

Topic: Security

Rupert Goodwins

About Rupert Goodwins

Rupert started off as a nerdy lad expecting to be an electronics engineer, but having tried it for a while discovered that journalism was more fun. He ended up on PC Magazine in the early '90s, before that evolved into ZDNet UK - and Rupert evolved with them into an online journalist.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • It is well publicised in Middle East news outlets (Al Jazeera) that Germany,
    Indonesia, India and the US are targets as well.

    Something the western media seem to be ignoring.