The US and Israel jointly developed of the Stuxnet computer worm which did great damage to Iran’s nuclear facilities, the ‘New York Times’ newspaper reports. Stuxnet selectively infects industrial control (SCADA) systems made by the German manufacturer Siemens, establishing a backdoor that creates a means to reprogram compromised systems. The worm is finely tuned so that it can alter the speed of high-speed frequency converter drives, such as those used in uranium enrichment. It doesn't do anything for mainstream industrial control set-ups, even after they are connected to industrial control systems, according to a report by the ‘Reuters’ news agency.
Stuxnet began spreading in June 2009 but its sophistication, including elaborate steps to disguise its presence on infected systems, meant it was not detected until June 2010. The malware infected hundreds of thousands of systems, with most infections appearing in Iran and Indonesia. After months of confusing and occasionally conflicting statements, Iranian President Mahmoud Ahmadinejad recently confirmed that the worm had sabotaged uranium enrichment centrifuges at Natanz. Production at the facility reportedly dropped by 30 percent, setting Iran's nuclear program back by many months as a result.
The consensus among anti-virus analysts, who have spent months pouring over the details of the 1.5MB malware code, was that the malware would have taken weeks to develop by a skilled team – with access to industrial control systems, for testing. The absence of any clear financial motive, and the obvious time and trouble needed to develop the malware, point to the likely involvement of a state-sponsored intelligence agency. Both Israel and the US have long been suspected of creating the worm. The ‘New York Times’ investigation fleshes out this theory, but does not provide much evidence.
Unnamed sources at Israel's Dimona Complex said the malware was developed there over the last two years as part of a joint US-Israeli operation designed to sabotage Iran's nuclear program. The foundations of this work were reportedly laid by American intelligence agencies which identified the type of controllers Iran intended to use and their vulnerabilities back in 2008. Testing of the Siemens controllers took place at the Idaho National Laboratory as part of a larger exercise in cyber security testing, according to the sources.
The story in the ‘New York Times’ does not explain how the malware was delivered, though it has been previously speculatively suggested that the malware was introduced by Russian sub-contractors at the Bushehr nuclear power plant, either accidentally or deliberately.