Stuxnet Computer Virus Made to Attack Iranian Nuclear Reactors?

In a stunning revelation, a computer virus analysts revealed that the Stuxnet computer virus, which behaves like a worm, jumping from computer client to computer client across the Internet, may have been created by a nation state to attack software that runs at the Iranian Bushehr nuclear power plant.

The Iranian nuclear plant is under construction, and is running a Windows based program on Siemens Programmable Logic Controllers, otherwise known as PLC's. PLC's are used on PC's to control larger industrial hardware electronically. Usually a PLC is used for equipment that needs continuous monitoring, and by using the PLC, the computer is able to make small scale changes to the equipment that it is monitoring using very small time steps without human intervention.

Computerworld, UK, reported that Ralph Langner discovered that the virus makes a sophisticated attack on an obscure piece of code within the Siemens PLC software. The code uses a 100 millisecond timer to make monitoring changes. This in turn will cause the PLC to fail.

Langner further speculates that the creator of this virus must have had heavy inside knowledge of the Siemens software in order to create this virus, in other words, it may have been someone from within the company that created the virus.

Most of the computer infections from the Stuxnet worm have occurred on Iranian computers. Langner notes that there have also been many reports of equipment malfunctions occurring at the new Iranian nuclear power plant, and the network security is non-existent. Langner speculates that the Bushehr Nuclear Power plant is already under attack by this virus and that they are "presently having some difficulties down there in Bushehr."

He noted that there were other infections of the Stuxnet worm in the following countries: India, Indonesia, and Pakistan.

Last year, Reuters reported that Israel may make an attempt at stopping Iranian efforts to build a nuclear power plant by using cyberwarfare. The Reuters article stated that malicious software may be used to "corrupt, commandeer, or crash the controls of sensitive sites like uranium enrichment plants."

Traditionally Israel has use air power to destroy any threats to its security when opposing nation-state neighbors begin to have nuclear ambitions. Israel and Iran are separated by a fair amount of geography, and the Reuters article speculated that the Israelis may look for more unconventional methods to disable Iranian nuclear ambitions.

Sources:
http://www.computerworlduk.com/news/security/3240458/stuxnet-virus-may-be-aimed-at-iran-nuclear-reactor/
http://www.langner.com/en/index.htm
http://www.atomstroyexport.com/projects/current/project13/
http://www.sea.siemens.com/us/Products/Automation/Programmable-Controllers/Pages/Programmable-Controllers.aspx