When you have Stuxnet:
The Stuxnet virus, which has attacked Iran's nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic's nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program's code told The Jerusalem Post on Tuesday.
"It will take two years for Iran to get back on track," Langer said in a telephone interview from his office in Hamburg, Germany. "This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success."
Alexis Madrigal points me to this piece, by Jeffrey Carr, positing a possible Finnish-Chinese connection to the virus:
I uncovered a connection between two of the key players in the Stuxnet drama: Vacon, the Finnish manufacturer of one of two frequency converter drives targeted by this malware; and RealTek, who's digital certificate was stolen and used to smooth the way for the worm to be loaded onto a Windows host without raising any alarms. A third important piece of the puzzle, which I'll discuss later in this article, directly connects a Chinese antivirus company which writes their own viruses with the Stuxnet worm.
This is, as they say, above my pay grade; I couldn't explain, even if you pointed the Stuxnet virus at my head and threatened to shoot, how it actually works. If it is true, however, that Stuxnet is still corrupting Iranian computers so many months after it was introduced, it is something like a miracle. I still find it difficult to imagine that a computer virus may be able to achieve what many people thought only the American or Israeli air forces could achieve.