Stuxnet worm targeting Iran in works as early as 2005, Symantec finds

The secret cyber-sabotage campaign aimed at Iran’s nuclear program may have been in existence as early as 2005 and may have been capable of inflicting more damage than previously known, according to a security firm’s analysis released Tuesday.

The findings, by the security company Symantec, were announced after the discovery of an earlier variant of Stuxnet, as researchers have dubbed the worm reportedly developed by the United States and Israel.


Latest stories from Foreign

Obama says U.S. will stand by treaty obligations to Japan

Obama says U.S. will stand by treaty obligations to Japan

President says dispute between China and Japan over East China Sea islands should be settled through diplomacy.

Obama meets with relatives of Japanese abducted by North Korea

President Obama met Thursday with three relatives of Japanese citizens abducted by North Korea

Obama reassures Japan as he begins Asian visit

Obama reassures Japan as he begins Asian visit

Early talks include the countries’ roles in security of the region, then a meeting with royalty.

40 more maps that explain the world

40 more maps that explain the world

I’ve searched wide and far for maps that can reveal and surprise and inform in ways that the daily headlines might not.

The variant, which they have called Stuxnet 0.5, was being developed as early as 2005, five years before the discovery of the now-famous version of the worm.

Unlike that version, which caused centrifuges at Iran’s Natanz nuclear facility to speed up and slow down until they crashed, Stuxnet 0.5 was built to modify the pressure of the raw uranium gas being fed into the centrifuges by opening and closing intake valves, thus affecting the centrifuges’ operation, said Vikram Thakur, a researcher with Symantec Security Response.

In some cases, he said, the worm could cause a fivefold increase in the pressure levels. At such pressures, the gas could even have solidified, damaging the centrifuges, he said.

The New York Times has reported that the impetus for the covert cyber program, dubbed “Olympic Games” by U.S. officials, dates from 2006, when President George W. Bush was seeking options to curb Iran’s nuclear ambitions. Iran has said it is developing nuclear capabilities expressly for peaceful purposes.

Individuals familiar with the program have told The Washington Post that Stuxnet was developed by specialists at the National Security Agency under the CIA’s covert authority. Israel collaborated with the United States in the effort, which continued under President Obama, they said.

Symantec’s research also found that the same organization that developed Flame, a sophisticated software program created for espionage purposes, built Stuxnet 0.5. The Post has reported that Flame was jointly built by the United States and Israel as a way to penetrate networks and map them or obtain information without alerting the target.

“The brilliance of Stuxnet lay in [the attackers] being under the radar of the target entity,” Thakur said. Both variants of Stuxnet “tried to do damage in a manner that would seem random” to the targeted party.

The Iranians initially thought the malfunctioning of the centrifuges was the result of technical problems at the plant. But when the virus somehow spread to computers outside Iran, the research community was alerted and eventually concluded that the virus was aimed at Natanz.

Stuxnet destroyed nearly 1,000 uranium-enrichment centrifuges at Natanz.

Thakur said it would be difficult for experts to re-engineer Stuxnet to use against other targets. The sophistication level in both variants is very high and building a weapon depends on deep knowledge of the target, he said.

Read what others are saying