‘Stuxnet virus attacked Iran earlier than thought’

Researchers uncover previously unknown version of the malicious program that sabotaged Natanz nuclear facility in 2010

Computer motherboard (photo credit: Shay Levy/ Flash 90)
Computer motherboard (photo credit: Shay Levy/ Flash 90)

A version of the Stuxnet computer virus that attacked Iran’s Natanz nuclear facility was activated in 2007, two years earlier than previously suspected, according to a report released by the antivirus company Symantec on Tuesday at a security conference.

Stuxnet made international headlines in 2010 when it wrought havoc on enrichment equipment at the Iranian plant and complicated its production of uranium, which the West suspects is intended for making atomic weapons.

According to Symantec, an early version of the malicious program, which it labeled “Stuxnet 0.5,” was in development as far back as 2005, when Iran was still constructing the Natanz facility. The virus was deployed in 2007, the same year that the site began operating, the report said.

“This attack could have damaged many centrifuges without destroying so many that the plant operator would have become suspicious,” said a report by the Institute for Science and International Security, according to Reuters.

The earlier version of the virus was apparently designed to attack the facility in a previously unknown method, by opening and closing valves that feed hydrogen hexafluoride gas into centrifuges in order to damage the equipment by raising the gas pressure.

The full version of Stuxnet, which Symantec says it has reverse-engineered to learn how it works, famously sabotaged the centrifuges by changing their rotating speeds without the knowledge of the equipment’s operators. The difference in the versions shows that the attackers changed their tactics from targeting the valves to going for the centrifuges themselves, Wired reported.

Despite the new revelations, Symantec researchers told Reuters that they still have no evidence as to who was behind the virus. The finger has long been pointed at the United States and Israel, the countries that have spearheaded the international campaign against Iran’s nuclear program. According to a June 2012 report from the Washington Post, the virus-attack program began under president George W. Bush and proceeded with the blessing of President Barack Obama.

No one will ever know definitively who authored and distributed Stuxnet, said Dr. Tal Pavel, an expert on Internet usage and hacking in the Middle East.

“The nature of computer hacking is that it is anonymous, and even if you trace an attack to a server, you cannot know for sure that the owners of that server are behind the attack. In fact, it’s almost a sure thing that their server was hijacked by the hackers carrying out the attack,” since masking their internet address (IP spoofing) is a cardinal tenet of the hacker business, he told The Times of Israel. And while it makes sense that the Israel and/or the US would be seeking to prevent Iran from moving forward with its nuclear program, “we will probably never know definitively.”

The computer virus abruptly self-destructed in June 2012.

Most Popular
read more: