Stuxnet worm targeting Iran in works as early as 2005, Symantec finds

The secret cyber-sabotage campaign aimed at Iran’s nuclear program may have been in existence as early as 2005 and may have been capable of inflicting more damage than previously known, according to a security firm’s analysis released Tuesday.

The findings, by the security company Symantec, were announced after the discovery of an earlier variant of Stuxnet, as researchers have dubbed the worm reportedly developed by the United States and Israel.


Latest stories from Foreign

South Koreans just want their loved ones’ bodies recovered

South Koreans just want their loved ones’ bodies recovered

As bodies are pulled from the ferry, a transcript gives a clearer picture to the events of the ferry’s sinking.

Egypt’s political generation gap

Egypt’s political generation gap

Many young Egyptians are frustrated about the country’s increasingly authoritarian trajectory.

Shooting at checkpoint raises tensions in eastern Ukraine

Shooting at checkpoint raises tensions in eastern Ukraine

The mayor of the city of Slovyansk asks Russia to send “peacekeepers” after gunfight ends an Easter truce.

40 more maps that explain the world

40 more maps that explain the world

I’ve searched wide and far for maps that can reveal and surprise and inform in ways that the daily headlines might not.

The variant, which they have called Stuxnet 0.5, was being developed as early as 2005, five years before the discovery of the now-famous version of the worm.

Unlike that version, which caused centrifuges at Iran’s Natanz nuclear facility to speed up and slow down until they crashed, Stuxnet 0.5 was built to modify the pressure of the raw uranium gas being fed into the centrifuges by opening and closing intake valves, thus affecting the centrifuges’ operation, said Vikram Thakur, a researcher with Symantec Security Response.

In some cases, he said, the worm could cause a fivefold increase in the pressure levels. At such pressures, the gas could even have solidified, damaging the centrifuges, he said.

The New York Times has reported that the impetus for the covert cyber program, dubbed “Olympic Games” by U.S. officials, dates from 2006, when President George W. Bush was seeking options to curb Iran’s nuclear ambitions. Iran has said it is developing nuclear capabilities expressly for peaceful purposes.

Individuals familiar with the program have told The Washington Post that Stuxnet was developed by specialists at the National Security Agency under the CIA’s covert authority. Israel collaborated with the United States in the effort, which continued under President Obama, they said.

Symantec’s research also found that the same organization that developed Flame, a sophisticated software program created for espionage purposes, built Stuxnet 0.5. The Post has reported that Flame was jointly built by the United States and Israel as a way to penetrate networks and map them or obtain information without alerting the target.

“The brilliance of Stuxnet lay in [the attackers] being under the radar of the target entity,” Thakur said. Both variants of Stuxnet “tried to do damage in a manner that would seem random” to the targeted party.

The Iranians initially thought the malfunctioning of the centrifuges was the result of technical problems at the plant. But when the virus somehow spread to computers outside Iran, the research community was alerted and eventually concluded that the virus was aimed at Natanz.

Stuxnet destroyed nearly 1,000 uranium-enrichment centrifuges at Natanz.

Thakur said it would be difficult for experts to re-engineer Stuxnet to use against other targets. The sophistication level in both variants is very high and building a weapon depends on deep knowledge of the target, he said.

Read what others are saying