Stuxnet Hit 5 Targets Iraninan Plant

Five Iranian Organizations were already infected with the Stuxnet computer worm attack prior to the attack on Natanz uranium enrichment complex, reports Symantec.

This Stuxnet worm mission on five Iranian facilities was accomplished by mere 10 machines only. In fact, the 12,000 Stuxnet infections as of now can be traced back to the 10 prior infections on systems that were not even connected to the Internet.

The report further suggests that the reason behind targeting these five facilities were due to their close ties with Natanz. Removable of USB drives from Natanz devoid of Internet connection further facilitated easy disbursement of the Stuxnet virus.

The design of Stuxnet worm itself facilitated easy destruction of the high-frequency convertor drives implemented in the five Iranian facilities. The worm itself regulates the automated user interface of the control system to give the impression of being normal. In fact, in reality, it is adjusting the momentum of the drives rapidly to very high and low frequencies. The resulting consequence follows in enrichment of uranium together with permanent damage to the drive motors.

Two sites were targeted during the initial attack on June 2009. One of the attacks was materialized instantly within 12 hours after the sample compilation.

USB devices were utilized for introducing the worm and the time span between compilation and infection is indicative that the attack was preplanned. Within a month, two other organizations were infected by the same sample.

In March 2010, a new variant was compiled to infect one organization and within a month, another variant was created to affect three more sites.

The five initial affected organizations are inter-connected with the final target, for which the mission could be accomplished. Nuclear installation at Natanz is believed to be the final target as 1,000 uranium centrifuges were sabotaged by Stuxnet.

Security experts were apprehensive towards Iranian delayed response towards the attack and mission of Stuxnet attack been carried successfully.

From the aforementioned instance, businesses should educate themselves towards safeguarding their organizations from malware epidemics.

Related article: Stuxnet malware Signed With JMicron Certificate

» SPAMfighter News - 2/19/2011