Virus attacking Iran computers though USB port

NY Times:

The government agency that runs Iran’s nuclear facilities and is suspected of playing a crucial role in a weapons program has reported that its engineers are trying to protect their facilities from a sophisticated computer virus that has infected industrial plants across Iran.

The agency, the Atomic Energy Organization, did not specify whether the virus had already infected any of its nuclear facilities, including Natanz, the underground enrichment site that for several years has been a main target of American and Israeli covert programs.

But the announcement raised suspicions, and new questions, about the origins and target of the Stuxnet virus, which computer experts say is a far cry from common viruses that have affected the Internet for years.

Stuxnet, which was first publicly identified several months ago, is aimed solely at industrial equipment made by Siemens that controls oil pipelines, electric utilities, nuclear facilities and other large industrial sites. While it is not clear that Iran was the main target — the infection has also been reported in Indonesia, Pakistan, India and elsewhere — a disproportionate number of computers inside Iran appear to have been struck, according to reports by computer security monitors.

The virus does not spread through the Internet but requires a USB drive to be physically plugged into the computer, allowing it to attack machines that are disconnected from the Internet, usually in an effort to protect them. That requires human access to the affected systems.

I think it is possible that the virus was not launched by a government, although the Israelis would have ample reason to do so. There is a group with even more reason to thwart the government and they have a real grudge against Siemens.

The democracy protesters in Iran were angry with Siemens for helping the government trace their emails and cell phone calls during the disturbances last year. These are people with the motivation and in many cases the access to infect the computers.

Because the virus can be launched by a thumb drive, the chances are remote that Iran will be able to catch those responsible unless they happen to catch someone in the act. It is a clever move. The sanctions make it unlikely Siemens can assist Iran in dealing with it.


Popular posts from this blog

US, Britain and Israel help Iranian nuclear scientist escape

Iran loses another of its allies in Iraq

Texas Congressman Al Green admits to affair with drug using staffer