(by Yaakov Katz, JerusalemPost.com) – The Stuxnet virus, which has attacked Iran’s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic’s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program’s code told The Jerusalem Post on Tuesday.
“It will take two years for Iran to get back on track,” [Ralph] Langer said in a telephone interview from his office in Hamburg, Germany. “This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.”
Langer spoke to the Post amid news reports that the virus was still infecting Iran’s computer systems at its main uranium enrichment facility at Natanz and its [nuclear] reactor at Bushehr.
[NOTE ON URANIUM ENRICHMENT: Enriched uranium is a critical component for both civil nuclear power generation and military nuclear weapons. The International Atomic Energy Agency attempts to monitor and control enriched uranium supplies and processes in its efforts to ensure nuclear power generation safety and curb nuclear weapons proliferation (buildup).]
Last month, the International Atomic Energy Agency (IAEA), the United Nation’s nuclear watchdog, said that Iran had suspended work at its nuclear-field production facilities, likely a result of the Stuxnet virus.
According to Langer, Iran’s best move would be to throw out all of the computers that have been infected by the worm, which he said was the most “advanced and aggressive malware in history.” But, he said, even once all of the computers were thrown out, Iran would have to ensure that computers used by outside contractors were also clean of Stuxnet.
“It is extremely difficult to clean up installations from Stuxnet, and we know that Iran is no good in IT [information technology] security, and they are just beginning to learn what this all means,” he said. “Just to get their systems running again they have to get rid of the virus, and this will take time, and then they need to replace the equipment, and they have to rebuild the centrifuges at Natanz and possibly buy a new turbine for Bushehr.”
Widespread speculation has named Israel’s Military Intelligence Unit 8200, known for its advanced Signal Intelligence (SIGINT) capabilities, as the possible creator of the software, as well as the United States.
Langer said that in his opinion at least two countries – possibly Israel and the United States – were behind Stuxnet.
Israel has traditionally declined comment on its suspected involvement in the Stuxnet virus, but senior IDF officers recently confirmed that Iran had encountered significant technological difficulties with its centrifuges at the Natanz enrichment facility.
“We can say that it must have taken several years to develop, and we arrived at this conclusion through code analysis, since the code on the control systems is 15,000 lines of code, and this is a huge amount,” Langer said.
“This piece of evidence led us to conclude that this is not by a hacker,” he continued. “It had to be a country, and we can also conclude that even one nation-state would not have been able to do this on its own.”
Eric Byres, a computer security expert who runs a website called Tofino Security, which provides solutions for industrial companies with Stuxnet-related problems, told the Post on Tuesday that the number of Iranians visiting his site had jumped tremendously in recent weeks – a likely indication that the virus is still causing great disarray at Iranian nuclear facilities.
“What caught our attention was that last year we maybe had one or two people from Iran trying to access the secure areas on our site,” Byres said. “Iran was never on the map for us, and all of a sudden we are now getting massive numbers of people going to our website, and people who we can identify as being from Iran.”
Byres said that some people openly identified themselves as Iranian when asking for permission to log onto his website, while others were impersonating employees of industries with which he frequently works.
“There are a large number of people trying to access the secure areas directly from Iran and other people who are putting together fake identities,” he said. “We are talking about hundreds. It could be people who are curious about what is going on, but we are such a specialized site that it would only make sense that these are people who are involved in control systems.”
Reprinted here for educational purposes only. May not be reproduced on other websites without permission from the Jerusalem Post. Visit the website at jpost.com.
Read the “Background” below the questions before answering.
1. How were Iran’s nuclear facilities attacked, according to computer expert Ralph Langer, and how effective was the attack? Be specific.
2. a) Who is believed to be responsible for attacking Iran’s nuclear computers?
b) What evidence is there that Stuxnet was not done by a hacker?
3. What announcement did the UN’s IAEA make regarding Iran’s nuclear program last month?
4. What will Iran have to do to rid its nuclear facilities of the Stuxnet virus, according to expert Langer?
5. Iranian leaders have been calling for the destruction of Israel for years. It is widely believed that once obtained, Iran will use nuclear weapons against Israel. Was using the Stuxnet computer virus the best way for Israel to protect itself from Iran? Explain your answer.
IRAN’S NUCLEAR PROGRAM:
- Iran’s 20 year secret nuclear program was discovered in 2002. Iran says its program is for fuel purposes only, but it has been working on uranium enrichment which is used to make nuclear bombs.
- Under the United Nations’ NPT (Non Proliferation Treaty) countries are not allowed to make nuclear weapons (except for the 5 that had nuclear weapons prior to the treaty – the U.S., Russia, China, France, the United Kingdom).
- Safeguards are used to verify compliance with the Treaty through inspections conducted by the UN’s nuclear watchdog, the IAEA (International Atomic Energy Agency).
- The IAEA issued a report on Sept. 15, 2008 that said Iran has repeatedly blocked an investigation into its nuclear program and the probe is now deadlocked.
- The U.N. Security Council has already imposed three sets of sanctions on Iran over its nuclear defiance. Despite the sanctions, Iran has refused to end its nuclear program.
- A group of U.S. and Russian scientists said in a report issued in May 2009 that Iran could produce a simple nuclear device in one to three years and a nuclear warhead in another five years after that. The study, published by the nonpartisan EastWest Institute, also said Iran is making advances in rocket technology and could develop a ballistic missile capable of firing a 2,200-pound nuclear warhead up to 1,200 miles “in perhaps six to eight years.”
- The Iranian government has called for the destruction of Israel on numerous occasions. It is believed that once obtained, Iranian President Ahmadinejad would use nuclear weapons against Israel.
THE STUXNET COMPUTER VIRUS:
- Stuxnet is a Windows-specific computer worm first discovered in July 2010 by VirusBlokAda, a security firm based in Belarus.
- While it is not the first time that hackers have targeted industrial systems, it is the first discovered worm that spies on and reprograms industrial systems, and the first to include a programmable logic controller (PLC) rootkit.
- It was specifically written to attack Supervisory Control And Data Acquisition (SCADA) systems used to control and monitor industrial processes.
- Stuxnet includes the capability to reprogram the PLCs and hide its changes.
- The worm’s probable target is said to have been high value infrastructures in Iran using Siemens control systems.
- According to news reports the infestation by this worm might have damaged Iran’s nuclear facilities in Natanz and eventually delayed the start up of Iran’s Bushehr Nuclear Power Plant.
- Although Siemens has stated that the worm has not caused any damage, on November 29, 2010 Iran confirmed that its nuclear program had indeed been damaged by Stuxnet. …
- Kevin Hogan, Senior Director of Security Response at Symantec, noted that 60% of the infected computers worldwide were in Iran, suggesting its industrial plants were the target.
- Kaspersky Labs concluded that the attacks could only have been conducted “with nation-state support”, making Iran the first target of real cyberwarfare. (from wikipedia)
Go to worldatlas.com for a map of Iran and the Middle East.
Read previous articles about the Iranian government’s views at:
Daily “Answers” emails are provided for Daily News Articles, Tuesday’s World Events and Friday’s News Quiz.