Stuxnet did get to the Iranian nuclear plant in Bushehr

Today there was news that the official news agency of Iran reported the defeat of some computer systems of the Iranian nuclear plant with the integrated worm Stuxnet. Previously, experts said that this malicious code was “sharpened” for industrial facilities, and immediately there were experts claiming that this worm was created to destroy the Iranian nuclear plant. It is clear that speculation on this topic is being conducted in a variety of media, from very serious publications to the “yellow” press, but so far there is no evidence that Stuxnet was created for Iran.

Mahmoud Jafari, head of the Bushehra nuclear plant, claims that although the worm hit some computer systems, it did not cause any harm to the main systems of the plant.
')
Now there are two main opinions of computer security experts about this worm. The first is “Stuxnet is not necessarily created by someone to destroy Iran’s industrial facilities” and the second is “Stuxnet was created by more than one hacker, but by a whole range of specialists who are well versed in the functioning of industrial proprietary software, especially software.”

The latter opinion is based on the fact that Stuxnet, firstly, has an extremely complex structure, on which experts are still working. Secondly, in the Stuxnet code there are no individual "tags" that are inherent in almost any software created by individuals. In general, the likelihood that Stuxnet was created by a lone hacker is zero.

And yet - the same experts (for example, Paul Ferguson from TrendMicro) believe that with the advent of such a worm as Stuxnet, a truly serious cyber-weapon appeared in the world that does not steal someone’s credit card numbers, but can lead to serious accidents at very dangerous industrial sites. This type of threat, according to Ferguson, is “absolutely new, and this is the reason that many experts literally began to intimidate the government in order for it to start taking serious security measures.”

Stuxnet attracted the attention of domestic specialists. “The attackers tried to develop their program in such a way that it attracted as little attention as possible. Win32 / Stuxnet infection method is also unique, as the software uses a previously unknown vulnerability. And the possibility of a virus penetrating a PC through USB drives allows you to quickly become more prevalent, ”said Alexander Matrosov, head of the Eset Russian Virus Research and Analytics Center, commenting on the situation.

It is worth noting that rumors about the focus of Stuxnet on Iran may well turn out to be completely groundless, since this virus is most common in the United States, then in Iran. Russia is in third place.

There is, of course, another opinion - this has already been mentioned here .

Via news.yahoo.com and CNET

UPDATE Alexander Matrosov, head of the Eset Russian Virus Research and Analytics Center, provided new statistics on the spread of the virus, for which he thanks a lot. Here is the most recent statistics, where you can see that Iran still leads in the list:

Iran - 52.2%
Indonesia - 17.4%
India - 11.3%

Some more information on the topic from the site esetnod32.ru here .

And finally, Alexander’s opinion on why the virus was “sharpened”: “My personal opinion of Bushehr could be only one of the goals, but nothing indicates that it is the only or the main one. For example, in Germany there were several cases of infections at nuclear power plants. I agree with the opinion of my colleague expressed today in our English-language blog (http://blog.eset.com/2010/09/25/cyberwar-cyberhisteria) ”.

Alexander, thanks again for the info!