IRAN: Speculation on Israeli involvement in malware computer attack
It took Iran several months since the reports that it was hardest hit by the computer worm known as Stuxnet but recently authorities conceded that about 30,000 IP addresses had been infected with the malware. The worm affected computers of staff at the Bushehr nuclear plant as well as Internet service providers, but officials say major systems at the plant have not been damaged.
Specialists say the malware of unprecedented expertise was custom-made to target and control particular industrial automation software and manipulate it from remote locations. It uses the Internet to spread, but the worm isn't Internet-based, suggesting "patient zero" was infected physically -- presumably by a USB device. Used for espionage or sabotage, the software infects a computer immediately but can remain latent until activated. At any given moment, there are millions of "zombie computers" around the world awaiting activation, not unlike the way spy agencies use sleeper cells or agents, writes Guy Grimland (in Hebrew) of TheMarker.
When news of Stuxnet broke in July, Symantec blogged that it didn't know who unleashed the worm, but listed several theories, considered who was more or less likely to be behind the attack, and said the attack clearly was not the job of an amateur hack. Among the possible culprits were a "lone wolf"; a disgruntled employee; commercial competition; state-sponsored espionage; those with nationalistic, political and religious motivations; and terrorism, which was "within the realm of possibility" in a case that read "as if it were the latest Hollywood blockbuster."
Now, as experts' analyses of the worm are being published and as it becomes clearer that computers associated with Iran's controversial nuclear program were affected, it is also becoming clearer that Stuxnet is about sabotage, not espionage, and it's way bigger than was apparent. Computer technicians thought they could root out the virus in a month or two, senior Iranian information technology official Hamid Alipur was quoted as saying, but attacks keep coming and new versions of it continue to mutate and spread, hampering cleanup.
Gerry Egan, a top Symantec executive, told CNN that the high level of design and specialized knowledge associated with worm was not something "the average hacker at home or in a garage" would have access to.
The sophistication behind Stuxnet combined with Iran's nuclear facility as an apparent target is spawning much speculation.
The theory among experts is that this "took the resources of a nation-state to create a piece of malware so sophisticated," Richard Falkenrath of Chertoff Group told Bloomberg this week. It is theoretically possible that the U.S. did this, he said, noting that this was a remote possibility. A more likely creator, he said, was Israel.
Did Unit 8200, the Israeli army's technology intelligence branch, plant the worm in Iran? The catchy headline in TheMarker (in Hebrew) asked the same question many others are asking but offered no answer. "We'll probably never know," the story says.
About a year before Stuxnet was discovered (experts believe it took about six months to write the complex code), reports emerged of Israel's turning to cyber warfare to foil Iran's nuclear program. In late 2009, Amos Yadlin, commander of Israeli military intelligence, said the ability to collect information and launch cyber-attacks gives small countries -- and terror groups and even individuals -- power to inflict serious damage unlimited by range. And military intelligence is said to have become a combat arm like an air force or navy.
Concerns about attacks are spreading. This year the U.S. announced Cybercom, a new command to synchronize responses to cyber-threats to military systems. Next month, by the way, has been declared National Cybersecurity Awareness Month.
In the early 2000s, Israel established a central body for defending computer systems involving defense as well as strategic national infrastructure, including water, energy and banking. Most responsibility is entrusted to Shin Bet, Israel's general security service.
-- Batsheva Sobelman in Jerusalem
Top video: Gerry Egan of Symantec talks to CNN. Via YouTube.
Bottom: Richard Falkenrath talks to Bloomberg. Via YouTube.
Its obvious who made it; People from the future!
Like in La jetee and 12 Monkeys they sent someone back in time to prevent Iran from having nukes because they end up nearly the world with them.
think about it, Microsoft said it would have taken 27 years to make this worm.
Posted by: Josue | December 01, 2010 at 04:29 PM
Why make those speculations about Israel, it is dangerous.
Posted by: El | September 29, 2010 at 09:02 PM
"Proxy war" b.s., Lebanon have never initiates any destructive act out side of Lebanon since foreign occupiers left their country in 2000, last time we heard of Lebanon hurting Israelis were during 2006 war, Gaza will follow if Israel do what they're doing with Lebanon which is stop bombing and economically chocking them to death!
Fact of matter is US special interests need a few boogeymen and constant wars here and there to justify stealing majority of our tax money for military industrial complex since Communism is no longer available as a default boogeyman and Zionists tag alone to keep their hegemony and holding on to West Bank dreams alive, fortunately military industrial complex relies on well being of US economy and US economy relies on flow of cheap oil and world oil reserves are depleting fast and therefore US economy will have to shift majority of funding for military industrial complex in to civilian economy sooner rather than later!
Posted by: Joe | September 29, 2010 at 04:37 PM
If Israel did it, BRAVO for them!!!
Posted by: Jim | September 29, 2010 at 10:28 AM
Even if Israel did it, they're a rogue nation and do not comply with UN resolutions or international law (who does?). Israel lies as much as most governments.
an Israeli assault on a Turkish Gaza-bound aid boat on May 31 in which Israeli commando forces opened fire, killing nine Turkish Islamic activists on board and setting off an international dispute.
Israel maintains its forces operated in self-defense after they said they came under attack by a group of passengers. Last week a United Nations Human Rights Council investigation concluded that Israel violated international law in the raid. Israel dismissed the report as biased.
Posted by: Jack C NYC | September 29, 2010 at 10:24 AM
I love the Iranians. They do everything possible to cause death and destruction to Israel through proxy wars, sponsor terrorist attacks, fight proxy wars against Israel via Hizballah, and Hamas, have waged war against the United States since first bombing the US Embassy in Beirut through their group Jihad and now cry boo hoo they are hurting me, when Israel fights back with a techno attack against their abilities to strik against Israel with a nuclear bomb. What a bunch of babies!
Posted by: Stephen Randall Morris | September 28, 2010 at 09:10 PM
Another short sided and strategic blunder, this malware already infecting US and other unintended targeted countries, and it have been discovered so it's useless for sabotage now since Iran nuclear facilities are operating and coming on line according by IAEA, and assuming if it had worked to sabotage Iran nuclear plant, can you imagine another radioactive Chernobyl nuclear accident on top of oil wells of Persian Gulf which are producing 40% of world oil, it's suicidal for world economy even for a state who have created this malware, no wonder this unthoughtful entity is losing wars and prestige for past decades!
Posted by: Joe | September 28, 2010 at 01:31 PM
This is another issue that we want to take credit for and feel better about ourselves. We think that shows we IS smart! Well for one thing the nuclear plant in Busher is very small (few mega watts of power) the amount of automation and computer control systems are minimal and it is a Russian design with no Internet or remote access. The only way this worm can reach that facility is by someone actually attaching a computer to the control panel and downloading the worm. Even then the system will not be able to interface with such device. If this fantasy was true we would have had Russia in chose among other nations.
So, get real and stop fantasizing so much.
Posted by: Esther Haman | September 28, 2010 at 09:58 AM
They are blaming Israel again....
Posted by: atrayu | September 28, 2010 at 06:19 AM
Go Israel!
Posted by: Travis | September 27, 2010 at 11:35 PM