WASHINGTON (AP) — A powerful computer code attacking industrial facilities around the world, but mainly in Iran, probably was created by experts working for a country or a well-funded private group, according to an analysis by a leading computer security company.
The malicious code, called Stuxnet, was designed to go after several “high-value targets,” said Liam O Murchu, manager of security response operations at Symantec Corp. But both O Murchu and U.S. government experts say there’s no proof it was developed to target nuclear plants in Iran, despite recent speculation from some researchers.
Creating the malicious code required a team of as many as five to 10 highly educated and well-funded hackers. Government experts and outside analysts say they haven’t been able to determine who developed it or why.
The malware has infected as many as 45,000 computer systems around the world. Siemens AG, the company that designed the system targeted by the worm, said it has infected 15 of the industrial control plants it was apparently intended to infiltrate. It’s not clear what sites were infected, but they could include water filtration, oil delivery, electrical and nuclear plants.
None of those infections has adversely affected the industrial systems, according to Siemens.
U.S. officials said last month that the Stuxnet was the first malicious computer code specifically created to take over systems that control the inner workings of industrial plants.
The Energy Department has warned that a successful attack against critical control systems “may result in catastrophic physical or property damage and loss.”
Symantec’s analysis of the code, O Murchu said, shows that nearly 60 percent of the computers infected with Stuxnet are in Iran. An additional 18 percent are in Indonesia. Less than 2 percent are in the U.S.
“This would not be easy for a normal group to put together,” said O Murchu. He said “it was either a well-funded private entity“ or it ”was a government agency or state sponsored project” created by people familiar with industrial control systems.
A number of governments with sophisticated computer skills would have the ability to create such a code. They include China, Russia, Israel, Britain, Germany and the United States. But O Murchu said no clues have been found within the code to point to a country of origin.
Iran’s nuclear agency has taken steps to combat the computer worm that has affected industrial sites in the country,ghout the country, including its first nuclear power station just weeks before it was set to go online. Experts from the Atomic Energy Organization of Iran met this past week to discuss how to remove the malware, according to the semiofficial ISNA news agency.
The computer worm, which can be carried or transmitted through portable thumb drives, also has affected the personal computers of staff working at the plant, according to IRNA, Iran’s official news agency. The news agency said it has not caused any damage to the plants major systems.
German security researcher Ralph Langner, who has also analyzed the code, told a computer conference in Maryland this month that his theory is that Stuxnet was created to go after the nuclear program in Iran. He acknowledged, though, that the idea is “completely speculative.”
O Murchu said there are a number of other possibilities for targets, including oil pipelines. He said Symantec soon will release details of its study in the hope that industrial companies or experts will recognize the specific system configuration being targeted by the code and know what type of plant uses it.
At the Homeland Security Department’s National Cybersecurity & Communications Integration Center, a top U.S. cyberofficial on Friday displayed a portable flash drive containing the Stuxnet code and said officials have been studying it in the lab.
“I’ve let this run wild to see what it would do,” said Sean McGurk, director of the cyberoperations center. “So far we haven’t seen a lot of smoke coming out, so we know it’s not doing anything specifically malicious right now.”
Experts at the Energy Department’s Idaho National Laboratory have been analyzing it.
McGurk said that “it’s very difficult to know what the code was developed for. When you talk about specifically attributing it to a facility with a set purpose from a nation-state actor or criminal actor or ‘hacktivist,‘ it’s very difficult for us to say specifically, ‘This is what it was targeted to do.’”
Experts in Germany discovered the worm, and German officials transmitted the malware to the U.S. through a secure network. The two computer servers controlling the malware were in Malaysia and Denmark, O Murchu said, but both were shut down after they were discovered by computer security experts earlier this summer.
In plain terms, the worm was able to burrow into some operating systems that included software designed by Siemens AG, by exploiting a vulnerability in several versions of Microsoft Windows.
Unlike a virus, which is created to attack computer code, a worm is designed to take over systems, such as those that open doors or turn physical processes on or off.
___
AP Broadcast Correspondent Sagar Meghani and AP writer Nasser Karimi in Tehran, Iran, contributed to this report.
Submitting your tip... please wait!
Comments (120)
everythinguknowiswrong
Posted on September 26, 2010 at 7:48pmMaybe it was that kid who hacked into Sarah Palin’s email. Just trying to save the world one byte at a time.
Report Post »Alydia
Posted on September 26, 2010 at 8:14pmLOL…good answer!
Report Post »TattooQ
Posted on September 26, 2010 at 7:44pmMazel Tov to the Israelis . Motive and opportunity favor the Israelis in my view. Nobody stands to lose more than the Israelis if a bunch of Twelvers get the bomb or hand nuclear material to their proxies in Gaza , Lebanon , or the West bank .
My second choice would be the US . The Iranian Revolutionary Guard Corp/ Quds Force terrorists in Iraq or Afghanistan or Hezbollah types in Mexico armed with nuclear materials could really be bad news .
Report Post »suzyk
Posted on September 26, 2010 at 7:33pmWHAT IF?????? Obama wants control of the internet. Says it’s “dangerous to our national security”. Is this all a trick for Obama to take control here? I don’t trust him – you always have to watch what they are doing in the background.
Report Post »L4frdm
Posted on September 26, 2010 at 8:35pmI agree, looks like a back door for ….. “NET NEUTRALITY”………………………
Report Post »How does it go……. “never let a crisis go to waste”, this would be the easiest way for
the elites to take control of the net.
ProdigalChild
Posted on September 26, 2010 at 10:55pmNudge
Report Post »RESTORATION1787
Posted on September 26, 2010 at 7:32pmIt was Al Gore working with Global Warming computer geeks to bring down big industry. He did invent the internet after all.
Report Post »BetsyRoss1
Posted on September 26, 2010 at 8:33pmLol
Report Post »Thunderstorm 316
Posted on September 26, 2010 at 7:31pmI dont think this is something to take lighty here if the nuke plant goes online and the Iranians dont have that thing cleand out 100% anything could happen. I allso love how nobody really knows what Stuxnet is after and why it is here.
Report Post »Mithra
Posted on September 26, 2010 at 7:53pmPerhaps god did it? Allah may not be amused by the Iranians.
Report Post »AmericanPatriot01
Posted on September 26, 2010 at 9:14pmWouldn’t that be poetic justice though. They turn the plant on, it overloads and blows a whole in their country… Fox News ALERT!! Iran nuclear plant blows up and takes out a 3rd of Iran and opens the gates of hell and out comes the 12th imam, lol
Report Post »anunyapete
Posted on September 26, 2010 at 7:25pmAnyone remember the story about the US-made fighters in Iran decades ago? Aboiut 6 months after the US-rained techs were forced out of the country along with the Shah, the avionics (?) on the aircraft stopped working.
I could be mistaken on the specific details of the story (Iraq or Iran?, F-14′s or F-16′s?). But the point is, this type of sabotage may well have been used many times before in the not so distant past.
Report Post »chazman
Posted on September 26, 2010 at 7:21pmIt’s someone with LIZARD BRAIN SYNDROME. Zsa Zsa Huffington did it!
Report Post »canuck44
Posted on September 26, 2010 at 7:21pmSoft probe by the Israelis and a warning to the Iranians. Obama doesn’t have the stones to do this and the people he put in charge would sabotage anything we do. This has Mossad fingerprints….much like the Dubai cull.
Report Post »tindleben
Posted on September 26, 2010 at 9:28pmmossad would be my guess, too.
Report Post »MOONRISE
Posted on September 26, 2010 at 7:19pmI wonder if the democrats are going to blame those radical, racists Tea Party members.
Report Post »N37BU6
Posted on September 26, 2010 at 7:15pmMy guess is somewhere in Asia… most likely somewhere beginning with a “K”.
Which one? “S”, because “N” is useless, and has no electricity.
Or Japan, or China. Or America.
Report Post »quicker
Posted on September 26, 2010 at 6:50pmno thay know isreal will just take it out
Report Post »e-merlin
Posted on September 26, 2010 at 6:42pmDon’t you think “they” will figure out a way to blame Isreal?
Report Post »MESO71
Posted on September 26, 2010 at 7:14pmSounds like the makings for a great poll… Will Iran blame Israel before Obama blames Bush??? LOL!
Report Post »ron the veteran
Posted on September 26, 2010 at 8:43pmit was isreal and bush together. dont you know that? lmao
Report Post »Tate
Posted on September 26, 2010 at 6:24pmI bet it was Joe ‘Bite-Me’ Biden. You know how smart He is? Do you? Just kidding I don’t think Bite-Me did it. I don’t even think He ties His own shoes. He probably will get someone from Scranton to do it or someone who has a 3 letter word J-O-B-S <– that's 4 letters Joe Bite-Me.
Report Post »Onward2Victory
Posted on September 26, 2010 at 7:49pmAn infinite number of Joe Bidens banging on keyboards for an infinite amount of time… could not produce this worm.
Report Post »icesk8rgirl96
Posted on September 26, 2010 at 6:22pmKLSTJ, you makes such a good point! Exactly!
Report Post »klstj
Posted on September 26, 2010 at 6:13pmI like the term “on, off switch”! Although “on” doesn’t excite me, it scares me. What if someone could infiltrate their system, undetected, control and or activate it without detection and then blame it on a virus? On the more positive side, what if they could infiltrate, undetected and stop a nuclear strike by entering a code on a keyboard? What if this is another crisis by design to regulate the internet? Out of 1,2 & 3 I prefer 2. I wouldn’t put anything passed a Soros, China, any government at this point. I’m saying prayers every day for my three sons. That the world they are entering will find a way to right itself. To prepare them for all of the thought impossible. God help them.
Report Post »Mithra
Posted on September 26, 2010 at 7:49pmI think Soros. He is responsible for everything. I was waiting for his name to come up.
Report Post »whitaker
Posted on September 26, 2010 at 11:06pmWhat should scare you is who and how many people can launch a nuke from Afghanistan.
Report Post »icesk8rgirl96
Posted on September 26, 2010 at 6:12pmYes! I love computer worms! Any way possible to shut down that plant! I bet it’s the U.S. goverment doing this!
Report Post »kerrcarto
Posted on September 26, 2010 at 6:53pmAgreed, hopefully it is U.S.
Report Post »TulsaYeeHaw
Posted on September 26, 2010 at 6:08pmI don’t mean to be THAT guy, but I don‘t think Obama would have let this go forward if he’d known about it. Maybe it was dissidents.
Report Post »George Washington
Posted on September 27, 2010 at 2:05pmYou could be right. Since Obama apologizes to everyone for everything and, since he kisses the butt of every foreign leader while bowing down to them and sucking up to them, it only stands to reason that Obama cares more about the well being of other countries much more that he cares about the well being of The United States, which may not even be HIS country.
Report Post »Redd
Posted on September 26, 2010 at 6:06pmGet Inspector Closseau on the line!
Report Post »George Washington
Posted on September 27, 2010 at 1:53pmI was talking with Inspector Clousseau, earlier this morning. This is what he had to say. “Firstit of all, It is against the lew to do dammage by giving to a nuclear plant a computer virus. But sinse the plant belongist to Iran, WHO CARES?! The mainit thing is it that it worked. The bad part isit that they founded it. I will findit whoever dided it. Then I will teachet them how to do it the rright way so Iran cannot findit it. Now I must ask you a verry imporrtant question. Does yourr dog bite?” I must now agree with REV.WC Bush destroyed our country. Bush prevented Obama from fixing it in almost two years. Bush is why we are fed up with Congress. Bush is why Obama is not enforcing our immigration laws and, yes. It was Bush who did this. Since he is still screwing things up for Obama, He is to blame. Why he even screwed this up. He forgot to make the virus undetectable. Oh, I almost forgot. Bush told Gore about global warming and convinced Gore to waste money by buying carbon credits. That is why Gore does not feel guilty about increasing his carbon footprint. By now, his shoe size is about 20 and growing every day. So, yes. It is all Bush’s fault. Bush is the one who is responsible for bad weather, traffic fatalities, natural disasters and, anything else one can think of. Especially the fact that we got saddled with Obama as our President, Princess Pelosi as our Speaker Of The House and, a Democratically controlled Congress. So, in parting, may I say that the next time you are not feeling well, you will know who to blame. See your doctor, if you can still find one and afford the fee. Then tell the doctor what your symptoms are and, who caused it. I am certain that you will be told to take daily baths in Obama b*#l s*^t to cure your disease.
Report Post »imareader
Posted on September 26, 2010 at 6:05pmthinking the same,..Ironman.
IMHO, the Iranians may be floating this to keep our eyes off a gathering threat… it appears the US Army’s thinking along those lines too:
‘IN THE DARK – Military/Community Planning for a Catastrophic Critical Infrastructure Event’
Snip:
..”The Army War College is hosting a workshop entitled “IN THE DARK Military Planning for a Catastrophic Critical Infrastructure Event” to be held at Carlisle Barracks, PA, for 28-30 September 2010.
The focus of the workshop is on determining and outlining the strategic requirements for coordination and preparation for initial (pre-event) response, and the assurance of (post-event) survival that can be codified and applied to domestic national defense organizations (with the focus on Army requirements) and the needs of civilian communities across the United States in the event of a catastrophic critical infrastructure failure.
Our basic premise is that, as of now, all hazards have not been adequately planned for by our leadership.
The workshop will delve into what is needed to collectively understand and develop actions to address deficiencies cited in DOD reports concerning military response to such an event.”
http://www.mema.state.md.us/calendar/view_recurring_event.asp?CalendarID=11515
Report Post »Jack27
Posted on September 26, 2010 at 6:01pmSounds more like a Nobel peace Prize is in order, this has more merit than the algore farce.
Report Post »ron the veteran
Posted on September 26, 2010 at 8:26pmwe all know it wasnt a ******* who did it. they are more into destroying our nation than irans. but we can only hope it exploads in their faces and takes them all out.
Report Post »John 1776
Posted on September 26, 2010 at 5:35pmLikely developed by the Chinese to harass our industrial systems. (They like to do that.) But, we had better firewalls up and the greatest infections ended up being in Iran! (Oh, the Karma!) After all, much of their technology is “borrowed” from other countries, but they miss out on the security patches!
Report Post »Dddriver
Posted on September 26, 2010 at 5:34pmKarma? Not that I agree with messing with nuclear systems but if they were not trying to go nuclear would be a nonissue
Report Post »Ironmaan
Posted on September 26, 2010 at 5:28pmAsymmetric warfare is interesting, but I would much rather just turn their desert into green glass.
Report Post »John 1776
Posted on September 26, 2010 at 6:33pmMight be the lesser of two evils. I suspect Iran has no interest in developing a nuclear arsenal. They just want to get two or three built, and we will find out they did the morning we wake up and read that Israel has been burned off the map. Take him at his word. He wants to “Hasten the coming of the 12th Imam”, and he intends to do that by martyring his whole country by having a nuclear war with Israel. His ambitions are not political, they are Biblical.
Report Post »Tate
Posted on September 26, 2010 at 7:53pmIrans President Ahmadinejad met with Louie Farrakhan and (TNBP) ‘The New Black Panters’ in NYC.
CALLING ERIC HOLDER, COME IN ERIC! EARTH TO HOLDER, COME IN HOLDER!
HELLO HELLO HELLO HELLO HELLO HELLO. Holder come in. Are you still working?
JeffW65
Posted on September 27, 2010 at 1:52pmI remember the days when their were bumper stickers and T-shirts with the slogan “nuke their ass, take their gas”.
Report Post »wingedwolf
Posted on September 26, 2010 at 5:28pmShut down iran’s nukes any possible way.
Report Post »Two_Kids_Dad
Posted on September 26, 2010 at 5:48pmAgreed. Regardless of who’s behind it, I hope they find a way to focus it specifically on the Iranian targets and either shut them down or make them malfunction a la Chernobyl. Because we all know that a successful Iranian nuclear energy program will quickly morph into an Iranian nuclear weapons program. It‘s a major part of their plan and they’re not even bothering to hide it any more.
Report Post »Marylou7
Posted on September 26, 2010 at 6:45pmAmen to that! Someone has to shut them down.
Report Post »poverty.sucks
Posted on September 26, 2010 at 7:39pmEx-CIA operatives working without their brains tied behind their backs.
Report Post »Dweeby_EE
Posted on September 26, 2010 at 8:40pmLook… I’m for destroying those facilities too. But a computer virus is NOT the way to do it. I’d sure hate for those things to freeze up (…gotta love windows…) and create a china syndrome situation. Just find those plants, drop some low-tech “Little Boy” style tactical jiffy-pops on them in cellulose casings from a B-2 @ 100k feet, and then say, “well it looks like you little guys didn’t know what you were doing after all, huh?”
Report Post »JJ Coolay
Posted on September 27, 2010 at 12:49amA la Chernobyl would be preferrable, especially if Achk-mad-din-uj-ahd was nearby
Report Post »Polwatcher
Posted on September 27, 2010 at 5:41amWho ever did it, did us all a favor. Any delay on this project is welcome news.
Report Post »CandleLighter
Posted on September 27, 2010 at 10:07amI hate to say this, but sometimes I have to be a little snarky.
Sorry for your probs Iranian nuclear program. In the words of bart Simpson, “We didn’t do it, nobody say us, ya can’t prove a thing!”
Besides, if was just targeted at y’all, I would have thought a better name would have been SUX2BU.
Sorry, I couldn’t resist. I’ll be more serious now.
Be safe and well
Report Post »Tate
Posted on September 26, 2010 at 5:20pmI don’t care who did it. I hope it BURNS OUT.
Report Post »Jamestown
Posted on September 26, 2010 at 6:05pmDid you know The Eleventh Commandment Ninth Bible…THOU SHALL NOT USE A BLACKBERRY..I bet its RIM
Report Post »..Research In Motion…they screw up everything
plunderpower
Posted on September 26, 2010 at 6:28pmI can guess at who did it, but that is not the point. Iran and their lying big mouth Ahmadinejad, Al Qaeda in Malaysia, and Mrs. Prissy Pants in the US Scty of State position doing her version of peace processes….they all just got the shot across the bow. And that’s fine with me.
Report Post »bigbud
Posted on September 26, 2010 at 6:30pmIt’s probably those non-exsistant homosexuals. you go boy!!!!!
Report Post »belleharbor
Posted on September 26, 2010 at 7:09pmMost computers with a certain capability are per loaded with a way for a few to override all systems and allow the few to view all you do it is a fact and some know .Sorry thats why i only laugh when people use there computers and cell systems for all the are.i only use mine to talk to you guys and my UFO friends does that scare you it should they are out there I see them i must go now before they find me transmitting by all.
Report Post »Rev. WC
Posted on September 26, 2010 at 7:14pmIsreal…microsoft…apple…castro…chavez…not… it has to be Bush!
Report Post »CultureWarriors
Posted on September 26, 2010 at 8:55pmGotta love Bill Gates! Windows has more holes than Swiss Cheeze!
But seriously I have considerable experience in computer security and this sounds like they had inside access to the Siemens system during development.
http://www.youtube.com/watch?v=9UtmTALMkU4
Report Post »Ellie
Posted on September 26, 2010 at 8:56pmWhen the Iran reactor was first loaded with fuel and there were fears that Israel would do an air strike (again) I thought to myself, come on guys, be a little more stealthy then that.
The two words of advice that I most wanted to give Israel were “Sabotage Bushehr” – no doubt this wasn’t a unique idea.
Report Post »AmericanPatriot01
Posted on September 26, 2010 at 9:04pmI keep trying to explain to people that they dont appear to be after a tue nuclear event device. It appears they are more likely developing delivery systems for dirty bombs. They wont need the tradition nuclear devices they only have to poison the earth with radioactive material. They have what they were after and they are just taunting their enemies now hoping someone falls for the trap so they will have the excuse to deploy it. Just my opinion.
Report Post »tepartyblog.info
Posted on September 26, 2010 at 9:41pmI say it was funded by George sOrOs
Report Post »donbcg
Posted on September 26, 2010 at 10:57pmSiemens Automation has over 30% of the market. All their high end systems run windows. I am in the industry and this is real bad. They found a way to sit and wait in the system and act once a combination of functions happen. From where I sit I have access to over a hundred systems where I can turn on and off any device I want from home. Of course I am not going to. The point is that these systems were designed for a world where people don’t desire to do harm like this. The systems are just basically wide open for an experienced coder.
I am sure they will find a cure, but till then it’s a guessing game.
Report Post »