Natanz insider planted Stuxnet

Powered by SC Magazine
 

Insider planted malware using a corrupt memory stick.

The Stuxnet virus was reportedly planted at an Iranian nuclear facility by an insider using a corrupt memory stick.

According to a report by Richard Sale at Industrial Safety and Security Source, the insider was an Iranian acting as "an Israeli proxy" as part of a plan to hold off the Iranian nuclear programme; the report said he used a memory stick to infect the machines after "Iranian double agents" were used to target the most vulnerable spots in the system.

In October 2010, Iran's intelligence minister, Heydar Moslehi, said an unspecified number of "nuclear spies" were arrested in connection with the Stuxnet.33 virus. The report said that spies inside Iran had the access, contacts, positions and technical skill to do the job.

“Given the seriousness of the impact on Iran's [nuclear] programme, we believe it took a human agent to spread the virus,” said one former US intelligence source.

The report also claimed that current and former US intelligence sources have confirmed that Israel's intelligence agency, Mossad, was responsible for the worm's introduction to the plant's systems. The worm is believed to have been placed on a specially crafted USB memory stick and handed over to a Natanz worker who was, by all accounts, an Iranian national belonging to a dissident group named Mujahideen-e Khalq (MEK), related to Mossad.

A Symantec report said Stuxnet was distributed far and wide, but the virus was so efficient that it could deliver its payload only to the designated target, and would not damage adjacent machines.

Sale said that in December 1991, just before Desert Storm, the CIA and GCHQ had experimented with injecting viruses into Iraq's computers; NSA and GCHQ believed that, once in place, a virus would spread like a virulent cancer through the Iraqi Command & Control system, infecting every computer system it came across.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition

