Report: Iran confirms Stuxnet hit centrifuges

The Stuxnet worm hit centrifuges used to enrich uranium at Iran's nuclear sites, the Reuters news agency quoted Iran's President Mahmoud Ahmadinejad as saying Monday.

According to the report, Ahmadinejad said that enemies of Iran "succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts," speaking in a news conference. "They did a bad thing. Fortunately our experts discovered that and today they are not able (to do that) anymore," he added.

The comments apparently provide confirmation that Iran's nuclear program was indeed the target of the most talked-about computer worm of the year. Discovered in July, Stuxnet is the first worm designed to attack industrial systems such as power plants or nuclear reactors.

Iran had previously confirmed that the worm affected systems in the country, including non-critical systems at a nuclear reactor. But this is the first time it has said that Stuxnet also affected centrifuges.

Security researchers now believe that Stuxnet had at least two targets: centrifuges such as the ones Ahmadinejad referred to on Monday, and another type of industrial system targeted with what's known as the worm's 417 attack code.

Stuxnet researcher Ralph Langner believes that this second target may have been a turbine at Iran's Bushehr nuclear reactor.

Stuxnet is unusual in that it seeks out very specific industrial systems and then tries to disrupt their operations. With Ahmadinejad's comments, we now know what one of those targets was, said Eric Byres, chief technology officer with Byres Security. "We've got a pretty small set of potential victims, and one of the victims is sticking up their hand to say, 'Yeah we got hit.'"

The worm is designed to slow down and then speed up centrifuges, either ruining the uranium being refined or stressing the devices so much that they break, Byres said.

"The thing we don't know right now is what the heck was the second victim," he added.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

FREE Computerworld Insider Guide: IT Certification Study Tips
Join the discussion
Be the first to comment on this article. Our Commenting Policies