Iran nu­clear agency is work­ing to de­feat a com­puter worm

Los Angeles Times - - The World - times news ser­vices

tehran — Iran’s nu­clear agency is try­ing to com­bat a com­plex com­puter worm that has af­fected in­dus­trial sites through­out the coun­try and is ca­pa­ble of tak­ing over power plants, Ira­nian news re­ports said.

Ex­perts from the Atomic En­ergy Or­ga­ni­za­tion of Iran met last week to dis­cuss how to re­move the ma­li­cious com­puter code, or worm, the semiof­fi­cial Ira­nian Stu­dents News Agency re­ported.

The com­puter worm, dubbed Stuxnet, can take over sys­tems that con­trol the in­ner work­ings of in­dus­trial plants. The worm was dis­cov­ered in July by ex­perts in Ger­many and it has since shown up in a num­ber of attacks, pri­mar­ily in Iran, In­done­sia, In­dia and the United States.

Kevin Ho­gan, se­nior di­rec­tor of se­cu­rity re­sponse at the U.S. technology com­pany Sy­man­tec, said 60% of the com­put­ers in­fected by Stuxnet were in Iran, sug­gest­ing that in­dus­trial plants in that coun­try were the tar­get.

There has been spec­u­la­tion that Iran’s nu­clear power sta­tion at Bushehr has been tar­geted by a state­backed at­tempt at sab­o­tage or es­pi­onage.

“It’s pretty clear that based on the in­fec­tion be­hav­ior that in­stal­la­tions in Iran are be­ing tar­geted,” Ho­gan said. “The num­bers are off the charts.”

Di­plo­mats and se­cu­rity sources say Western gov­ern­ments and Is­rael view sab­o­tage as one way of slow­ing Iran’s nu­clear pro­gram, which the West sus­pects is aimed at mak­ing nu­clear weapons; Iran says it is for peace­ful en­ergy pur­poses.

The ISNA re­port said the mal­ware had spread through­out Iran, but did not name spe­cific sites af­fected. Ira­nian news­pa­pers have re­ported on the com­puter worm hit­ting in­dus­tries across the coun­try in re­cent weeks, with­out giv­ing de­tails.

The mal­ware is ap­par­ently a Tro­jan worm that spreads via in­fected USB thumb drives, ex­ploit­ing a vul­ner­a­bil­ity in Mi­crosoft Corp.’s Win­dows op­er­at­ing sys­tem that has since been re­solved.

The de­struc­tive Stuxnet worm has sur­prised ex­perts be­cause it is the first one specif­i­cally cre­ated to take over in­dus­trial con­trol sys­tems, rather than just steal or ma­nip­u­late data. And it is clear that the worm’s cre­ators had sig­nif­i­cant re­sources.

“We can­not rule out the pos­si­bil­ity” of a state be­ing be­hind it, Ho­gan said.

“Largely based on the re­sources, or­ga­ni­za­tion and in-depth knowl­edge across sev­eral fields, in­clud­ing spe­cific knowl­edge of in­stal­la­tions in Iran, it would have to be a state or a non-state ac­tor with ac­cess to those kinds of [state] sys­tems.”

RE­AC­TOR:

Some spec­u­late that a ma­li­cious com­puter code has tar­geted Iran’s nu­clear plant at Bushehr.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.