Stuxnet Worm: Iran Deny Nuclear Station Hit
The first computer virus designed to damage targets in the real world has not hit Iran's nuclear power plant, the country's Government has claimed.
The Stuxnet worm is the first known malicious software of its kind unleashed by computer hackers and has opened the door to a new era of cyber-warfare.
Experts say it is designed to destroy or sabotage factories, power plants, refineries or other industrial installations.
But Iranian Foreign Ministry spokesman Ramin Mehmanparast denied widespread suggestions the nation's Busheher nuclear station had been badly affected.
He said at a weekly press conference that the reports were part of a "soft war" and "propaganda stratagem" against Iran.
"The Busheher plant is pursuing its activities based on a set timetable," he said.
We are used to Trojans and viruses roaming the internet harming computers and causing financial damage, but Stuxnet is in a league of its own.
This would require a lot of resources on the level of a nation state. Taking into account the intelligence required to attack a specific target it would be virtually impossible that this is a lone attacker sitting at home.Gadi Evron, Israeli cybersecurity strategist
The worm targets closed and highly secure industrial networks.
After being introduced with a USB key, Stuxnet slips past four previously unknown vulnerabilities in the Windows operating system, so-called "zero day" vulnerabilities.
It is rare for malicious software to exploit even two of them.
Each one can take months for hackers to identify and more time to write software to exploit.
The worm then hunts for specific types of computers made by German company [Only registered and activated users can see links. ].
Having found its host, it lies dormant, waiting for a certain moment to override the computer's control of industrial machinery, with potentially disastrous consequences.
Israel is known to be worried about Iran's nuclear capabilities
This new breed of malware could wreak the kind of damage only previously seen in Hollywood disaster films.
Imagine a nuclear power station's cooling system being overridden, for example.
Or a railway's signals system thrown into chaos.
Experts estimate developing the [Only registered and activated users can see links. ] would have taken a highly specialised team between six months to a year.
Israeli cybersecurity strategist Gadi Evron says the worm is so advanced it is almost certainly state-sponsored.
"This would require a lot of resources on the level of a nation state.
"Taking into account the intelligence required to attack a specific target, it would be virtually impossible that this is a lone attacker sitting at home."
Gadi Evron believes the worm must have been developed by a state
Less impressive, though, is the spread of the worm's infection.
"The attack managed to infect, over several months, something like 30,000 to 50,000 PCs in many facilities and corporations worldwide," Uri Rivner from internet security company RSA told Sky News.
Such a wide dissemination has helped expose the worm's existence and helped efforts to neutralise it.
It also raises questions about the likely target for the worm.
Iran says computers at its nuclear plant in Bushehr have been compromised by the worm but will not reveal the extent of the damage.
Some figures suggest 60% of the Stuxnet infections are in Iran.
That has led to a highly speculative finger of blame being pointed at both Israel and the USA, although both country's governments have declined to comment on the claims.
[Only registered and activated users can see links. ]