Stuxnet Worm Could Target Iran's Bushehr Nuclear Reactor

Printer-friendly version Email this CRN article

The notorious Stuxnet cyber worm may next be targeting Iran's Bushehr nuclear reactor with a sophisticated attack aimed at taking down critical civil and industrial infrastructure.

The Stuxnet worm, designed to target industrial systems such as chemical manufacturing and power plants, has reportedly has been scanning Siemens' industrial software systems in order to find specific information and obliterate its instructed target -- whatever that may be -- according to The Christian Science Monitor.

Up until now, the worm has spread throughout Iran, Indonesia and India using Supervisory Control and Data Acquisition (SCADA) systems, but has remained largely under the radar.

However, that might have already changed. Specifically, the worm possesses the ability to modify Programmable Logic Controllers, devices that control the machines at power plants. In its most recent development, the cyber worm altered critical Siemens code, known as Operational Block 35, which scans classified factory operations.

Roel Schouwenberg, senior anti-virus researcher for Kaspersky Lab, said via e-mail that initially it was impossible to accurately tell if there was one specific target, due to the fact that Stuxnet was a self-replicating worm that spreads to multiple systems very quickly.

"Having said that, Stuxnet makes certain modifications to a running process which look to be involved in controlling the machines. Making such modifications could lead to the controlled machine malfunctioning," Schouwenberg said.

The recent findings lead some to believe that Stuxnet might have already attacked the Bushehr nuclear reactor, which has been perceived as a global nuclear threat, and an imminent danger to surrounding nation states.

Initially, Stuxnet was thought to be intended for stealing intellectual property and industry secrets used for extortion or counterfeiting purposes.

However, Ralph Langner, a German IACS security researcher who has heavily analyzed the Stuxnet virus, released a report last week, revealing evidence that led him to conclude that the sophisticated worm could be the next generation of malicious software used by cyber terrorists to launch attacks against physical targets and systems that would result in their total annihilation.

According to Langner's report, the Stuxnet virus was used for an attack with the purpose of sabotage, and involves heavy insider knowledge to be effectively executed. Langner speculated that the attack was used with one specific target in mind, and would essentially burn out after being discovered following its execution.

"The whole attack only makes sense within a very limited timeframe," Langner said in his report. "After Stuxnet is analyzed, the attack won't work anymore. It's a one-shot weapon. So we can conclude that the planned time of attack isn't somewhere next year. I must assume that the attack did already take place."


Next: Channel Partners, Experts Ponder Nuclear Cyber Threat

Printer-friendly version Email this CRN article