Natanz insider planted Stuxnet

The Stuxnet virus was reportedly planted at an Iranian nuclear facility by an insider using a corrupt memory stick.

According to a report by Richard Sale at Industrial Safety and Security Source, the Iranian was "an Israeli proxy" as part of a plan to hold off the Iranian nuclear programme; it said he used a memory stick to infect the machines after "Iranian double agents" were used to target the most vulnerable spots in the system.

In October 2010, Iran's intelligence minister, Heydar Moslehi, said an unspecified number of "nuclear spies" were arrested in connection with the Stuxnet.33 virus. The report said that spies inside Iran had the access, contacts, positions and technical skill to do the job.

“Given the seriousness of the impact on Iran's [nuclear] programme, we believe it took a human agent to spread the virus,” said one former US intelligence source.

The report also claimed that current and former US intelligence sources have confirmed that Israel's intelligence agency, Mossad, was responsible for the worm's introduction to the plant's systems, with the worm believed to have been placed on a specially crafted USB memory stick and handed over to a Natanz worker; this worker was, by all accounts, an Iranian national belonging to a dissident group named Mujahideen-e Khalq (MEK), related to Mossad.

A Symantec report said Stuxnet was distributed far and wide, but the virus was so efficient that it could deliver its payload only to the designated target, and would not damage adjacent machines.

Sale said that in December 1991, just before Desert Storm, the CIA and GCHQ had experimented with using viruses to inject into Iraq's computers; once in place, NSA and GCHQ believed a virus would spread like a virulent cancer through the Iraqi Command & Control system, infecting every computer system it came across.

This article originally appeared at scmagazineuk.com