SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community
 
| More

 

September 27, 2010

Computer Infection Attacks May Be Aimed at Iran and Linked to Wealthy Group or Nation
By Ed Silverstein
TMCnet Web Editor

A computer code attacking global industrial facilities, but mainly those in Iran, may have been created by experts working for a country or a well-funded private group, according to an analysis by a computer security company, according to The Associated Press (News - Alert).



The malicious code, called Stuxnet, was designed to go after several "high-value targets," Liam O Murchu, manager of security response operations at U.S.-based Symantec (News - Alert) Corp, told The AP.

Both O Murchu and U.S. government experts say there's no proof it was developed to target nuclear plants in Iran, despite recent speculation from some researchers, The AP reported.

Computerworld reported that although some computers at Iran's Bushehr nuclear reactor were infected by the Stuxnet worm, none of the facility's crucial control systems were affected, Iranian officials claimed Sunday.

The news followed Saturday's admission by Iran that Stuxnet had infected at least 30,000 computers in the country, according to Computerworld.

The worm, which researchers have dubbed the most sophisticated malware ever, targets Windows PCs that manage large-scale industrial-control systems in manufacturing and utility companies, according to Computerworld.

Creating the malicious code required a team of as many as five to 10 highly educated and well-funded hackers, according to The AP.

The malware has infected as many as 45,000 computer systems around the world, according to The AP.

Siemens AG (News - Alert), the company that designed the system targeted by the worm, said it has infected 15 of the industrial control plants it was apparently intended to infiltrate. It's not clear what sites were infected, but they could include water filtration, oil delivery, electrical and nuclear plants, The AP reported.

The AP also reported that Symantec's analysis of the code, O Murchu said, shows that nearly 60 percent of the computers infected with Stuxnet are in Iran. An additional 18 percent are in Indonesia. Less than 2 percent are in the U.S.

A number of governments with sophisticated computer skills would have the ability to create such a code. They include China, Russia, Israel, Britain, Germany and the United States, according to the AP report. But O Murchu said no clues have been found to point to a country of origin.

Reuters reported that diplomats and security sources say Western governments and Israel view sabotage as one way of slowing Iran's nuclear work, which the West fears is aimed at building bombs. Tehran says it needs nuclear technology to generate electricity.

Meanwhile, CNET reported that an industrial control security researcher in Germany who analyzed the Stuxnet computer worm is speculating that it may have been created to sabotage a nuclear plant in Iran.

The worm appeared in July and was later found to have code that could be used to control plant operations remotely, CNET reported.

Stuxnet spreads by exploiting three holes in Windows, one of which has been patched.


Ed Silverstein is a contributing editor for TMCnet's InfoTech Spotlight. To read more of his articles, please visit his columnist page.

Edited by Stefania Viscusi

 






Technology Marketing Corporation

800 Connecticut Ave, 1st Floor East, Norwalk, CT 06854 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments: tmc@tmcnet.com.
Comments about this site: webmaster@tmcnet.com.

STAY CURRENT YOUR WAY

© 2014 Technology Marketing Corporation. All rights reserved | Privacy Policy