Wednesday, September 29, 2010

Report: Desperate Iran seeks outside help in dealing with Stuxnet

A report late last week suggested Iran had successfully gotten the Stuxnet worm under control.  This report, via DEBKafile, suggests otherwise:


image Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcize the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers. debkafile's intelligence and Iranian sources report Iran turned for outside help after local computer experts failed to remove the destructive virus.

None of the foreign experts has so far come forward because Tehran refuses to provide precise information on the sensitive centers and systems under attack and give the visiting specialists the locations where they would need to work. They were not told whether they would be called on to work outside Tehran or given access to affected sites to study how they function and how the malworm managed to disable them. Iran also refuses to give out data on the changes its engineers have made to imported SCADA (Supervisory Control and Data Acquisition) systems, mostly from Germany.

The impression debkafile sources gained Wednesday, Sept. 29 from talking to European computer experts approached for aid was that the Iranians are getting desperate. Not only have their own attempts to defeat the invading worm failed, but they made matters worse: The malworm became more aggressive and returned to the attack on parts of the systems damaged in the initial attack.

One expert said: "The Iranians have been forced to realize that they would be better off not 'irritating' the invader because it hits back with a bigger punch."


The official story from Tehran echos the SoftPedia report:  That the Stuxnet infestation is not as bad as reported and that the Bushehr nuclear facility is on schedule.

The spread of the virus, with nearly 60% of reported infections coming out of Iran, strongly suggests that it was indeed the intended target of Stuxnet. Computer and national security experts continue to insist that the complexity of the system and its ability to exploit previously unknown weaknesses in the Microsoft Windows operating system means it was developed with a specific target in mind. It’s unlike anything seen before.

Pure speculation of course, but perhaps the existence of Stuxnet is the reason why Israel allowed the Bushehr facility to be fueled last August. A window of opportunity to launch an air strike on the facility closed when the rods were inserted into the reactor.  An airstrike afterwards would almost certainly result in a release of radioactive material into the environment, a devastating collateral impact.  Perhaps Israel—or one of its allies—developed a quieter, more devious way to prevent Iran from developing its nuclear capability, or destroy the facility in a way that could be blamed on lax Iranian security protocols.

0 comments :