Monday 23 December 2024
 
»
 
»
Story

Cyber attack 'aimed at Iran'

London, September 25, 2010

A computer virus that attacks a widely used industrial system appears aimed mostly at Iran and its sophistication suggests a state may have been involved in creating it, Western cyber security companies said.

Kevin Hogan, Senior Director of Security Response at Symantec, told Reuters 60 per cent of the computers worldwide infected by the so-called Stuxnet worm were in Iran, indicating industrial plants in that country were the target.

European digital security company Kaspersky Labs said the attack could only be conducted 'with nation-state support.'

'Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world,' it said in a statement about the virus which attacks Siemens AG's widely used industrial control systems.

The companies' remarks are the latest in a series of specialist comment stirring speculation that Iran's first nuclear power station, at Bushehr, may have been targeted in a state-backed attempt at sabotage or espionage.

'It's pretty clear that based on the infection behavior that installations in Iran are being targeted,' Hogan said of the virus.

'The numbers (of infections in Iran) are off the charts,' he said, adding Symantec had located the IP addresses of the computers infected and traced the geographic spread of the malicious code.

At a cyber watch center run by the US Department of Homeland Security outside Washington, a US government official declined to be drawn out on reports that Bushehr was the main target.

'It's very hard to understand what the code was developed for,' Sean McGurk, who runs the National Cybersecurity and Communications Integration Center, told reporters. He said it was capable of taking over physical systems when a certain combination of Siemens software and hardware are present.

Sabotage

'We're not looking right now to try to attribute where it came from,' McGurk said. 'What we're focusing on is how to mitigate and prevent the spread.'

He displayed a blue rubber-clad swivel-style USB thumb drive that he said contained the malicious code.

'Once it's in the operating system it no longer requires this to move around,' he said. 'It looks for a particular combination of a software code, or an application, and a hardware platform.

'If it finds it, then it starts manipulating some of the settings' of devices known as programmable logic controllers. Such devices are used, for instance, to move robot arms that build cars, open elevator doors and control HVAC systems.

McGurk said Siemens systems were used by companies doing everything from pharmaceutical and chemical manufacturing to water purification and power.

Diplomats and security sources say Western governments and Israel view sabotage as one way of slowing Iran's nuclear program, which the West suspects is aimed at making nuclear weapons but Tehran insists is for peaceful energy purposes.

Hogan said the virus' targets could be a major complex such as an oil refinery, a sewage plant, a factory or water works.

'We cannot rule out the possibility (of a state being behind it). Largely based on the resources, organization and in-depth knowledge across several fields ... it would have to be a state or a non-state actor with access to those kinds of (state) systems.'

Siemens was involved in the original design of the Bushehr reactor in the 1970s, when West Germany and France agreed to build the nuclear power station for the former Shah of Iran before he was overthrown by the 1979 Islamic revolution.

Siemens, the world's number one maker of industrial automation control systems, says it has not supplied Iran with any industrial control systems usable for nuclear facilities.

However, experts say such industrial control systems can be bought on the open market.

Western countries have been critical of Russia's involvement in completing the long-mothballed Bushehr plant.

Moscow says it is purely civilian and cannot be used for any weapons programme. – Reuters




Tags: Iran | London | Bushehr | cyber attack | computer virus |

More IT & Telecommunications Stories

calendarCalendar of Events

Ads