Iran denies Stuxnet worm hit nuclear plant

By Laurent Maillard


TEHRAN - The malicious Stuxnet computer worm has hit 30,000 industrial computers in Iran, officials said overnight, but denied the Islamic republic's first nuclear plant at Bushehr was among those infected.

So far, Stuxnet has infected about 30,000 IP addresses in Iran, Mahmoud Liayi, head of the information technology council at the ministry of industries, was quoted as saying by the government-run newspaper Iran Daily.

Stuxnet, which was publicly identified in June, was tailored for Siemens supervisory control and data acquisition, or SCADA, systems commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

The worm is able to recognise a specific facility's control network and then destroy it, according to German computer security researcher Ralph Langner, who has been analysing the malicious software.

Langner said he suspected Stuxnet was targeting Bushehr nuclear power plant, where unspecified problems have been blamed for delays in getting the facility fully operational.

Siemens said its software has not been installed at the plant, and an Iranian official denied the malware may have infected nuclear facilities.

"This virus has not caused any damage to the main systems of the Bushehr power plant," Bushehr project manager Mahmoud Jafari said on Iran's Arabic-language Al-Alam television network.

"All computer programmes in the plant are working normally and have not crashed due to Stuxnet," said Jafari, adding there was no problem with the plant's fuel supply.

The official IRNA news agency meanwhile quoted him as saying the worm had infected some "personal computers of the plant's personnel."

And he told Fars news agency that so far, five versions of the malware had been detected in Iran.

Echoing Jafari's denial, the deputy head of Iran's Atomic Energy Organisation in charge of safety and security, Asghar Zarean, said neither the plant nor the organisation's computers were affected.

"Due to the precautions we have already employed for our systems, in our investigations we have not come across any penetration by the virus into our systems," Zarean was quoted as saying by IRNA
.
The self-replicating worm has been found lurking on Siemens systems mostly in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, according to researchers.

Telecommunications minister Reza Taqipour said "the worm has not been able to penetrate or cause serious damage to government systems."

According to Iran Daily, telecoms official Saeed Mahdiyoun said "teams of experts had begun to systematically eliminate the virus."

Meanwhile Liayi said given its complexity, Stuxnet was "likely a (foreign) government project," without giving details.

The newspaper cited various experts who suggested the United States and Israel were behind the malware, evoking the "West's electronic warfare against Iran."

Liayi said industries were currently receiving systems to combat Stuxnet, while stressing Iran had decided not to use anti-virus software developed by Siemens because "they could be carrying a new version of the malware."

"When Stuxnet is activated, the industrial automation systems start transmitting data about production lines to a main designated destination by the virus," Liayi said.

"There, the data is processed by the worm's architects and then engineer plots to attack the country."

Iran's nuclear ambitions are at the heart of a conflict between Tehran and the West, which suspects the Islamic republic is seeking to develop atomic weapons under the cover of a civilian drive.

Tehran denies the allegation and has pressed on with its enrichment programme - the most controversial aspect of its nuclear activities - despite four sets of UN Security Council sanctions.

- AFP

© Copyright 2014, APN New Zealand Limited

Assembled by: (static) on red akl_a5 at 21 Aug 2014 06:25:09 Processing Time: 582ms