Iran Successfully Eradicates Stuxnet Virus Infestation

Wednesday, February 15, 2012



Reuters reports that both US and European officials believe that Iran has successfully eradicated the Stuxnet virus from systems critical to the nation's nuclear weapons development programs.

The officials, who preferred to comment in anonymity, expressed concerns that the Iranian efforts to purge networks of the Stuxnet virus may have been unintentionally aided by Western security researchers who studied and published extensively on the malware.

Others experts believe that it was only a matter of time before Iranian technicians would defeat Stuxnet after becoming aware of the virus' components.

"Once Stuxnet's signature is identified it can be eliminated from a system... Once you know that it's there it's not that difficult to reverse engineer... Neutralization of Stuxnet, once its operation is understood, would not be that difficult as it was precisely engineered to disrupt a specific item of machinery," said British security researcher Peter Sommer.

Stuxnet is a highly sophisticated designer-virus that infects systems which provide operations control for production networks, and leading theories indicate that the malware was probably specifically produced to stifle Iran's nuclear weapons ambitions.

The Stuxnet virus attacks, which targeted Siemens Programmable Logic Controllers (PLCs), are thought to have caused severe damage to Iranian uranium enrichment facilities and reportedly set back the nation's nuclear program by as much as several years.

Acknowledgement from US and European officials that Iran may have been successful in defeating Stuxnet follows on the heels of similar comments by Gholam-Reza Jalali, head of the Iranian Passive Defense Organization, who earlier this week said that  "Iranian experts possess adequate knowledge to confront cyber threats. All nuclear facilities in the country are immune from cyber attacks..."

Former UN weapons inspector David Albright, who is acutely familiar with Iran's nuclear programs, believes that the authors behind the creation of Stuxnet probably assumed from the beginning that the malware would have only a limited period of effectiveness against targeted systems.

"I would assume that once Iran learned of Stuxnet, then intelligence agencies looked at this method of cyber attack as compromised regardless of how long it has taken Iran to neutralize it. It is a cat and mouse game," Albright said.

The modular nature of the Stuxnet's design could mean that variations of the virus tailored to target other critical components of control systems could already be in development, as exemplified by the Duqu virus which displayed many similarities to Stuxnet, though it was not designed to deliver a payload.

"Aspects of Stuxnet could be re-used, but it is important to understand that its success depended not only on 'clever coding' but also required a great deal of specific intelligence and testing. It was the first known highly-targeted cyber-weapon, as opposed to more usual cyber weapons which are more diffuse in their targeting," Sommer stated.


Possibly Related Articles:
malware Iran Military Cyberwar Stuxnet Headlines Siemens Programmable Logic Controllers Nuclear Targeted Attacks reverse engineering DUQU plc Gholam-Reza Jalali
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.