Computer Worm Wreaking Havoc on Iran's Nuclear Capabilities
Wednesday, 27 Apr 2011 03:39 PM
An internal report by a special intelligence unit in Iran has concluded that the Stuxnet computer virus that has infected Iran’s nuclear facilities is so dangerous it could shut down the entire national power grid.
The report, written by the Iranian Passive Defense Organization, chaired by Revolutionary Guards Gen. Gholam-Reza Jalali, states that Stuxnet has so thoroughly infected the operating systems at the Bushehr power plant that work on the plant must be halted indefinitely.
If the Bushehr power plant were to go on line, “the internal directives programmed into the structure of the virus can actually bring the generators and electrical power grid of the country to a sudden halt, creating a ‘heart attack type of work stoppage,’” the report states.
The report was obtained by the “Green Liaison news group,” Iranian journalists affiliated with presidential candidate Mir Hussein Mousavi, and was translated into English by Reza Kahlili, a former Revolutionary Guards officer who spied on behalf of the CIA for over a decade while inside Iran.
The report claims that Stuxnet “has automatic updating capabilities in order to track and pirate information,” and that it “can destroy system hardware step-by-step.”
Gen. Jalali has held two press conferences in recent weeks where he has given tantalizing glimpses into the conclusions of his top-secret task force to analyze and defuse the Stuxnet computer worm. At one, he blamed Israel for collaborating in developing the worm and claimed that his experts had traced “reports” sent by the worm back to Texas.
“Enemies have attacked industrial infrastructure and undermined industrial production through cyberattacks. This was a hostile action against our country,” Jalali said. “If it had not been confronted in time, much material damage and human loss could have been inflicted.”
Jalali also lashed out at Siemens, the German firm that sold Iran the Supervisory Control and Data Acquisition (SCADA) process controllers used to run the Bushehr power plant, the Natanz uranium enrichment plant, and other industrial facilities in Iran.
"Our executive officials should legally follow up the case of Siemens SCADA software, which prepared the ground for the Stuxnet virus," he said.
"The Siemens company must be held accountable and explain how and why it provided the enemies with the information about the codes of SCADA software and paved the way for a cyberattack against us," he said.
Siemens has said it was blindsided by Stuxnet, and began publishing its own research and tools to remove the worm from infected computers last fall.
On Monday, Jalali claimed that his intelligence unit, which merges computer analysts from the intelligence ministry and the Revolutionary Guards intelligence service, had found a new computer virus attacking Iran’s nuclear facilities called “Stars.”
He called “Stars” an “espionage virus,” and said that it copied government files and was difficult to destroy in its early stages.
Kahlili believes that Gen. Jalali’s admission of the damage wrought by Stuxnet is significant, since until now the Iranian authorities have suggested that everything was under control. “This is the first official statement out of
“They held back for a long time in order to solve the problem, but have gone public because they haven’t succeeded in doing so. This shows the extent of the damage to the Bushehr power plant. What Jalali is saying is that they are holding the
Ralph Langner, the German computer security expert who first identified the specifics of the malicious code used by Stuxnet, says that the worm contains two “digital warheads” that seek out specific control systems to attack. But its targets are computers driving
“Anything that went wrong in Bushehr cannot be attributed to Stuxnet. It may be attributed to other sabotage acts, to stupidity, or whatever,” he told Newsmax in an email.
Because the Iranians reported early on that Stuxnet had infected Bushehr, Langner spent several months investigating what systems Stuxnet might attack at the Russian-built plant, before setting aside that thesis based on his analysis of the worm’s internal code.
“It would certainly be a good idea for Iran to clean up all systems before going operational in Bushehr (and before resuming operations in Natanz) as any further attempts to remove the virus when the plant is running will be much harder or even impossible,” Langner wrote in his blog on Feb. 1. “As long as there is even a single system in the nuclear program still infected with Stuxnet, those centrifuges continue to be at risk.”
Russian experts and officials have been warning for several months that the Bushehr power plant has become too dangerous to operate because of the Stuxnet infection. In February, Russia's envoy to NATO, Dmitry Rogozin, described to reporters an incident he claimed had been witnessed by Russian engineers working at the plant.
The engineers "saw on their screens that the systems were functioning normally, when in fact they were running out of control," he said. This was because Stuxnet was sending out false messages to the control instruments the engineers normally monitored.
The Russian engineers performed additional tests that determined physical malfunctions were occurring at the plant and then removed all nuclear fuel from the reactor. "The virus, which is very toxic, very dangerous, could have had very serious implications," Rogozin said.
Earlier this month, Iran refueled the Bushehr nuclear power plant and seemed ready to start the reactor, but Jalali’s report has put an indefinite hold on operations there.
The Iranian parliament recently sent a separate report to Supreme Leader Ali Khamenei saying that Bushehr had become so expensive and so many years behind schedule that it would be cheaper and quicker to build a new nuclear power plant and shut the Bushehr site definitively, Kahlili said.
© Newsmax. All rights reserved.