Iran confirms Stuxnet cyber attack
Iran has confirmed that the Stuxnet cyber attack was targeted at Iranian industrial facilities. According to communications minister Reza Taqipour, quoted in the Tehran Times, the attacks have so far failed to cause any serious damage. It remains unclear who was behind the attack.
"No crashes or serious damage to the country's industrial computer systems have been reported so far" said Taqipour who did not identify which facilities have been affected by Stuxnet or the extent of any damage, but did affirm that Iranian IT experts possess the necessary expertise to produce anti-virus software capable of cleaning up infected systems.
The head of the Bushehr nuclear plant has confirmed that Stuxnet did infect the plant in Southern Iran, but that staff personal computers were primarily affected. An IT security team is reported to be in place checking computers and removing the malware. Mahmoud Jafari told the Iranian IRNA news agency, "We have not had any problems with the computer system which have affected work in the plant itself."
A day earlier, an IT expert at the Ministry for Industries and Mines had stated that thousands of computers in industrial facilities in Iran were infected by the malware. According to experts at the Iranian Mehr agency, a total of 30,000 computers are affected. Many of the control systems used in Iranian industrial plant are manufactured by German company Siemens. Stuxnet specifically attacks Siemens systems and then sends data to an overseas server.
In recent days, there have been repeated reports that the Stuxnet malware is specifically targeted at the Iranian nuclear programme, although this remains unconfirmed. The Tehran based ISNA agency has reported that the Iranian nuclear authorities are looking for ways to remove the trojan. Other Iranian media sources report that a number of ministries have formed a joint working group to fight the virus.
Expert and author Arne Schönbohm recently told German business weekly magazine Wirtschaftswoche (German language link) that a virus-mediated attack on Iranian nuclear facilities was an entirely credible scenario, "Cyberspace is now seen as a fifth field of military conflict, alongside the ground, air, water and space." According to security company Symantec, Stuxnet infects programmable logic controllers (PLC) via the WinCC system.