A powerful computer code attacking industrial facilities around the world, but mainly in Iran, was probably created by experts working for a country or a well-funded private group, according to an analysis by a leading computer security company.
The malicious code, called Stuxnet, was designed to go after several “high-value targets,” said Liam O Murchu, manager of security response operations at Symantec. But both Mr O Murchu and US government experts said there is no proof it was developed to target nuclear plants in Iran, despite recent speculation from some researchers.
Creating the malicious code would have required a team of five to 10 highly educated and well-funded hackers. Government experts and outside analysts said they have not been able to determine who developed it or why.
The malware has infected as many as 45,000 computer systems around the world. Siemens AG, the company that designed the system targeted by the worm, said it has infected 15 of the industrial control plants it was apparently intended to infiltrate. It’s not clear what sites were infected, but they could include water filtration, oil delivery, electrical and nuclear plants.
None of those infections has adversely affected the industrial systems, according to Siemens.
US officials said last month that the Stuxnet was the first malicious computer code specifically created to take over systems that control the inner workings of industrial plants.
The Energy Department has warned that a successful attack against critical control systems “may result in catastrophic physical or property damage and loss”.
Mr O Murchu said Symantec’s analysis of the code shows that nearly 60% of the computers infected with Stuxnet are in Iran. An additional 18% are in Indonesia. Less than 2% are in the US.
“This would not be easy for a normal group to put together,” said Mr O Murchu. He said “it was either a well-funded private entity” or it “was a government agency or state-sponsored project” created by people familiar with industrial control systems.
A number of governments with sophisticated computer skills would have the ability to create such a code. They include China, Russia, Israel, Britain, Germany and the United States. But Mr O Murchu said no clues have been found within the code to point to a country of origin.
MichaelSuguitan.Com
Powerful Stuxnet virus attacks Iran
Reply With Quote
Posting Permissions
