Natanz insider planted Stuxnet

Powered by SC Magazine
 

Insider planted malware using a corrupt memory stick.

The Stuxnet virus was reportedly planted at an Iranian nuclear facility by an insider using a corrupt memory stick.

According to a report by Richard Sale at Industrial Safety and Security Source, the Iranian was "an Israeli proxy" as part of a plan to hold off the Iranian nuclear programme; it said he used a memory stick to infect the machines after "Iranian double agents" were used to target the most vulnerable spots in the system.

In October 2010, Iran's intelligence minister, Heydar Moslehi, said an unspecified number of "nuclear spies" were arrested in connection with the Stuxnet.33 virus. The report said that spies inside Iran had the access, contacts, positions and technical skill to do the job.

“Given the seriousness of the impact on Iran's [nuclear] programme, we believe it took a human agent to spread the virus,” said one former US intelligence source.

The report also claimed that current and former US intelligence sources have confirmed that Israel's intelligence agency, Mossad, was responsible for the worm's introduction to the plant's systems, with the worm believed to have been placed on a specially crafted USB memory stick and handed over to a Natanz worker; this worker was, by all accounts, an Iranian national belonging to a dissident group named Mujahideen-e Khalq (MEK), related to Mossad.

A Symantec report said Stuxnet was distributed far and wide, but the virus was so efficient that it could deliver its payload only to the designated target, and would not damage adjacent machines.

Sale said that in December 1991, just before Desert Storm, the CIA and GCHQ had experimented with using viruses to inject into Iraq's computers; once in place, NSA and GCHQ believed a virus would spread like a virulent cancer through the Iraqi Command & Control system, infecting every computer system it came across.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition


Natanz insider planted Stuxnet
 
 
 
Top Stories
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
Photos: A tour of CommBank's new innovation lab
Oculus Rift, Kinect and more.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  13%
 
Software development
  26%
TOTAL VOTES: 231

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  62%
 
No
  38%
TOTAL VOTES: 71

Vote