Computer super-virus 'targeted Iranian nuclear power station' but who made it?

http://www.dailymail.co.uk/sciencetech/article-1314580/Stuxnet-worm-targeted-Iranian-nuclear-power-station-sophisticated-virus-attack-ever.html

Computer super-virus 'targeted Iranian nuclear power station' but who made it?

By Niall Firth
24th September 2010

The world’s first cyber ‘super weapon’ may have been designed to attack a nuclear power station in Iran, experts believe.

A computer virus called Stuxnet has been described as the most sophisticated 'worm' ever created and has already infected more than 45,000 networks worldwide.

<snip>

Now internet security experts fear that Stuxnet, which was first detected in June, is the first 'worm' specifically created to target real-world infrastructure such as power stations and water plants.

And they say that it is so sophisticated that only a country with a high level of computer programming know-how would have been able to create it.

<snip>

It then launches an attack by reprogramming software to give any industrial machinery new, potentially dangerous, instructions.

The US? just a guess... :shrug:

But sadly, if I utter it, the thread will likely get moved then locked.

funded by one of the "U" countries

:evilgrin:

Some comments from that website pointed out that critical systems that run infrastructure should never be attached directly to the Internet.

The article pointed out that the infected PCs were running Microsoft software. Considering that Microsoft software is so buggy and insecure (there are tens of thousands of viruses and worms that can attack such PCs), no one in their right mind would use PCs running MS software to operate any critical systems.

Considering that the new "worm" attacked a system developed by the German company Siemens and was allegedly reverse-engineered by a German cyber-security researcher, one could postulate that the alleged "worm" is really just to cover up very badly written code in the system. Having worked many years as a programmer, in which I spent most of my time fixing other people's coding mistakes, this is the first thought that came to mind.

This other comment also alerted me to the idea that the "worm" may be a cover up for lousy, bug-ridden code:

"Mr Langer says that the sophistication of the virus means that only a ‘nation state’ could have developed it."

Any corporation that develops such software and had competent software engineers would be able to reverse engineer it and add the appropriate code. Langer's statement is nonsense.

appreciated

This is just Conficker redux, not some paradigm-shifting, unpredictable, advanced attack and control system.

...(Damn can't believe I'm defending the great Satan here) your points about platform security are unwarranted.

Independent evaluations have on multiple occasions shown that other vendors are equally bad (or worse) as M$. M$ just gets more hacker attention (and subsequent bad press) because of simple ubiquity of target.

You're right, pointing the finger at nation states is crap. A script kiddie with a basic knowledge of utilities infrastructure could have done this quite easily.

Nation states may well be working on compromise software of this nature. However, I'd lay London to a housebrick that the vast majority of such efforts are never deployed, simply updated as each hole gets closed.

Like this they are minor annoyances. When used properly, (as intended) it won't be a nuke plant going down, it will be an entire country plunged into the 19th century.

Just saying...

Pieces of Stuxnet have been around for two years now (some, even longer), and were "discovered" by at least 2 companies, and one individual. No "country" needed.

For example:
http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_

There's also Conficker code in it, for pete's sake, and it uses the same strategy as Conficker: Attack systems at a large number of weak points.