Thursday, September 23, 2010
Are Stuxnet and Bushehr related?
In August Russia announced it would begin loading nuclear fuel into the Bushehr Nuclear Reactor in Iran, giving Iran its first operational nuclear reactor...and another pathway to obtaining fuel for nuclear weapons. The world watched to see if the U.S. or Israel would attack the reactor before the fuel was loaded. (Once nuclear material was loaded into the reactor any attack would have spread nuclear contamination and brought worldwide condemnation on the attackers.) August 21, the date for loading fuel into the reactor came and went without an attack. Or did it?
In what seemed at first to be a totally unrelated event, a computer virus called Stuxnet surfaced about a year ago. This new malware baffled experts by its sophistication. Reports are now surfacing that it might be the first example of a cyber weapon, a virus designed actually to destroy a facility by directing key equipment to malfunction. Though the virus has infected a number of systems worldwide, these experts believe it was designed to seek out and destroy a specific target, and the target hasn't yet been identified.
Based on places already infected by the virus, it appears the epicenter of the attack is Iran. There is speculation the virus might have been introduced into systems there by one of the Russian contractors building the Bushehr nuclear power plant. How? Possibly by something as simple as planting the virus on a memory stick used by an individual when he came to work on the computer system for the plant.
Someone went to a lot of trouble to design this highly sophisticated computer virus. Two possibilities are the U.S. and Israel. Perhaps Israel didn't need to risk attacking the nuclear plant physically (with the potential loss of pilots and planes) because it had already developed another means of attacking the plant--one that did so from the inside.
One final thought. If this is the first example of a virus being used to physically attack a facility, it will almost certainly not be the last. The United States is also vulnerable to such attacks, perhaps even more so since we are so dependent on computer systems to run virtually all aspects of our life.
Keep watching for news about any possible delays in bringing the Bushehr nuclear power plant fully online...and watch for future reports on "weaponized" computer malware!