Israeli cyber unit responsible for Iran computer worm – claim

In the Bible, The Book of Esther tells how the queen pre-empted an attack on the country's Jewish population and then persuaded her husband to launch an attack before being attacked themselves.

Israel has threatened to launch a pre-emptive attack on Iran's facilities to ensure that the Islamic state does not gain the ability to threaten its existence.

Ralf Langner, a German researcher, claims that Unit 8200, the signals intelligence arm of the Israeli defence forces, perpetrated the computer virus attack by infiltrating the software into the Bushehr nuclear power station

Mr Langer said: "If you read the Bible you can make a guess."

Computer experts have spent months tracing the origin of the Stuxnet worm, a sophisticated piece of malicious software, or malware, that has infected industrial operating systems made by the German firm Siemens across the globe.

Programmers following Stuxnet believe it was most likely introduced to Iran on a memory stick, possibly by one of the Russian firms helping to build Bushehr. The same firm has projects in Asia, including India and Indonesia which were also attacked. Iran is thought to have suffered 60 per cent of the attacks.

Mr Langner said: "It would be an absolute no-brainer to leave an infected USB stick near one of these guys and there would be more than a 50 per cent chance of him pick it up and infect his computer."

Cyber security experts said that Israel was the most likely perpetrator of the attack and had been targeting Iran but that it had not acknowledged a role to its allies.

"Nobody is willing to accept responsibility for this particular piece of malicious software which is a curious, complex and powerful weapon," said one Whitehall expert.

The Iranian authorities acknowledged the worm had struck Bushehr and a statement conceded that the plant would come into operation in January, two months later than planned.

Elizabeth Katina, a researcher at the Royal United Services Institute, said the possibility of a copycat attack on British or American electricity networks or water supplies had been elevated by the release of Stuxnet.

"Critical national infrastructure is at greater risk because this shows groups on the outside of governments how to do it," she said. "It's more likely now that the northeast of England power grid can be shut down until someone decides to start it up again."

http://www.telegraph.co.uk/news/worldnews/middleeast/israel/8034987/Is...

Stuxnet 'cyber superweapon' moves to China

BEIJING — A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.

Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.

It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.

The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

"This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data," an engineer surnamed Wang at antivirus service provider Rising International Software told the Global Times.

"Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China's national security," he added.

Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.

The Stuxnet computer worm -- a piece of malicious software (malware) which copies itself and sends itself on to other computers in a network -- was first publicly identified in June.

It was found lurking on Siemens systems in India, Indonesia, Pakistan and elsewhere, but the heaviest infiltration appears to be in Iran, according to software security researchers.

A Beijing-based spokesman for Siemens declined to comment when contacted by AFP on Thursday.

Yu Xiaoqiu, an analyst with the China Information Technology Security Evaluation Centre, downplayed the malware threat.

"So far we don't see any severe damage done by the virus," Yu was quoted by the Global Times as saying.

"New viruses are common nowadays. Both personal Internet surfers and Chinese pillar companies don't need to worry about it at all. They should be alert but not too afraid of it."

A top US cybersecurity official said last week that the country was analysing the computer worm but did not know who was behind it or its purpose.

"One of our hardest jobs is attribution and intent," Sean McGurk, director of the National Cybersecurity and Communications Integration Center (NCCIC), told reporters in Washington.

"It's very difficult to say 'This is what it was targeted to do,'" he said of Stuxnet, which some computer security experts have said may be intended to sabotage a nuclear facility in Iran.

A cyber superweapon is a term used by experts to describe a piece of malware designed specifically to hit computer networks that run industrial plants.

"The Stuxnet worm is a wake-up call to governments around the world," Derek Reveron, a cyber expert at the US Naval War School, was quoted as saying Thursday by the South China Morning Post.

"It is the first known worm to target industrial control systems."

http://www.google.com/hostednews/afp/article/ALeqM5iFRHUmI2w6HaAFZq-wU...