Stuxnet Worm Did Likely Target Iranian Nuclear Facilities

By Alexis C. Madrigal

New details about the Stuxnet virus suggest, quite clearly, that Iranian facilities were its target. A paper by the Symantec researchers who've been reverse-engineering the highly sophisticated attack software to find out what it could do to industrial systems indicates that centrifuges were the likely target, reports Kim Zetter at Wired's Threat Level.

So, let's walk through what Stuxnet was built to do once it used its various tools and skeleton keys to get inside its target system(s). The virus set itself up between the control systems and frequency converters that are used to control the speed of motors. From that position, it could secretly control motors without alerting anyone to its presence. That is, if the factory had the precise configuration it was looking for; Stuxnet would only go into attack mode if the facility had more than 33 frequency converter drives manufactured by Iran's Fararo Paya or Finland's Vacon.

By itself, that piece of information suggests that Iran was a target of the attack, but the evidence gets more detailed. Stuxnet targets only very high-frequency drives from the two companies. While the centrifuges used to enrich uranium are not the only possible uses for such drives, they sure do fit the bill for that activity. In fact, drives of that speed would be regulated by the Nuclear Regulatory Commission if you tried to export them.

But Stuxnet wasn't designed to destroy the drives or the facility. Its preferred sabotage method was much more subtle. Over long periods of time -- weeks in some cases -- the worm would alter the speed of the motors, pushing it up and down. That precision disruption would, in turn, hurt the purity of any centrifuges' output without calling attention to itself.

"It wanted to lie there and wait and continuously change how a process worked over a long period of time to change the end results," Symantec researcher Liam O Murchu told Zetter.

Put it this way: if Stuxnet wasn't designed to sabotage an Iranian uranium enrichment facility at Natanz, it's hard to imagine what it might have targeted.

This article available online at:

http://www.theatlantic.com/technology/archive/2010/11/stuxnet-worm-did-likely-target-iranian-nuclear-facilities/66604/