A COMPUTER virus that attacks an industrial system widely used by Iran could be the first real instance of “cyberwar”, western experts have revealed.
Kevin Hogan, senior director of security response at computer security giant Symantec, said 60 per cent of computers worldwide infected by the Stuxnet worm were in Iran, suggesting its industry was the target.
• President Mahmoud Ahmadinejad, who told UN this week Iran’s Bushehr plant was for civil not military use Picture: Getty
And European digital security company Kaspersky Labs said the attack could only be conducted “with nation-state support”.
“Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world,” it said in a statement about the virus which attacks control systems produced by German company Siemens.
The comments have stirred speculation that Iran’s first nuclear power station, at Bushehr, may have been targeted in a state-backed attempt at sabotage or espionage.
“It’s pretty clear that based on the infection behaviour that installations in Iran are being targeted,” Mr Hogan said.
Previous known cyber attacks, such as those directed at Estonia and Georgia by Russian hackers, have been simple “denial of service” attacks. Stuxnet is designed to “tell” industrial equipment to behave in a manner contrary to its programming.
Diplomats and security sources say Western governments and Israel view sabotage as one way of slowing Iran’s nuclear programme, which they suspect is aimed at making nuclear weapons despite Tehran’s denials.
Mr Hogan said it was not possible to be categorical about the exact targets. It could be a major complex such as an oil refinery, a sewage plant, a factory or a waterworks, he said.
“We cannot rule out the possibility (of a state being behind it]. Largely based on the resources, organisation and in-depth knowledge across several fields – including specific knowledge of installations in Iran – it would have to be a state or a non-state actor with access to those kinds of (state] systems,” said Mr Hogan.
Siemens was involved in the original design of the Bushehr reactor in the 1970s, when West Germany and France agreed to build the power station for the Shah of Iran.Siemens, the world’s number one maker of industrial automation control systems, said it has not supplied Iran with any industrial control systems usable for nuclear facilities. However, experts say such industrial control systems can be bought on the open market.
Israel has hinted it could attack Iranian facilities if international diplomacy fails to curb Tehran’s nuclear designs.
Israel has also developed a powerful cyberwar capacity.
Major-general Amos Yadlin, chief of military intelligence, last year said Israeli armed forces had the means to provide network security and launch cyber attacks of their own.
Stuxnet is a “Trojan worm” – malicious computer software, or malware, that disguises itself as a safe application – which spread from USB “thumb drive” memory devices, exploiting a vulnerability in Microsoft’s Windows operating system that has since been resolved.
The malware attacks software programmes that are used to monitor automated plants – from food and chemical facilities to power generators.
The claims came after Iranian president Mahmoud Ahmadinejad visited the UN in New York.