The Bushehr nuclear power plant was reportedly hit by the Stuxnet computer worm. The reactor building of the plant is pictured above.
WHO ARE THE HACKERS
Iran acknowledged that computers in its nuclear power facilities have been infected with a mysterious and highly sophisticated worm known as Stuxnet. The country’s leaders are treating it as an act of “electronic warfare” by the West. What exactly is this new “precision, military-grade cyber missile” — the U.S. Energy Department warned last month that Stuxnet could cause “catastrophic physical or property damage and loss” — and who’s unleashed it on Iran… and the world? (Watch a CNN report about the computer worm)
What is the Stuxnet worm?
A very sophisticated, very contagious, self-guided piece of computer malware designed to infiltrate and reprogram the control system of a specific industrial facility, like a nuclear plant, hydroelectric system, oil pipeline, or power grid. (A computer virus attacks computer code, while worms take over entire systems.) It only targets systems designed by Germany’s Siemens AG, although it has spread to as many as 45,000 computer systems worldwide, mostly Windows-based PCs. Nobody is sure what type of sabotage Stuxnet is ultimately designed to carry out.
Was it specifically designed to attack Iran?
It looks that way. At least 60 percent of the known infected computers are in Iran, and several security experts openly speculate that it was designed to sabotage Iran’s burgeoning nuclear power program, although there is no proof of that. “Maybe Iran is the target, but it may just be that they have less security in place on those types of systems,” says Symantec cyber-security expert Sian Jean.
Who is responsible for the attack?
Nobody who knows is saying. The worm was apparently unleashed in January, and Symantec says it was probably compiled by five to 10 highly trained programmers in a well-funded, state-sponsored effort. The governments capable of such an attack include China, Russia, India, Britain, and Germany, but much of the speculation has been aimed at the U.S. and Israel.
Why?
Partly because the perceived target, Iran’s potentially weapon-producing nuclear program, is most strongly opposed by those two countries, and partly because both the U.S. and Israel have reportedly been working toward just such a cyber-attack on Iran for years. Israel is believed to have carried out a similar cyber-attack that shut down a Syrian radar installations during a 2007 air attack on a suspected nuclear reactor.
Has Stuxnet done any damage?
It isn’t clear. Siemens says none of the 15 infected (and disinfected) industrial plants worldwide it knows about have reported any related problems, and Iran says it hasn’t caused any “serious damage.” But security analysts are taking a second look at a July 17 report from WikiLeaks about a mysterious, unconfirmed accident at Iran’s uranium enrichment plant in Natanz. Israel’s Haaretz says that plant is the likely target of the Stuxnet worm, specifically its complex, precision-demanding series of centrifuges. In the end, though, “only the attacker knows what it wanted to achieve, and only the victims know what it has achieved,” says Derek Reveron at the U.S. Naval War College.
Is Stuxnet dangerous to anybody else?
That’s a big, scary question. By design, or because the instigators were “so eager to stop the Iranian nuclear program” that “they simply didn’t care,” the Stuxnet worm has spread all over the world, even to the U.S., says John Markoff in The New York Times. And now that it’s everywhere, governments and hackers are racing to figure out ways to co-opt the powerful worm for their own ends. The people in charge of safety at power plants and dams worldwide “are scared to death,” says former U.S. cybersecurity coordinator Melissa Hathaway. “We have about 90 days to fix this before some hacker begins using it.”