Stuxnet Virus Infected Russian Nuclear Reactor, Expert Says

Virus was introduced to Russian facility via USB thumb drive, says information security expert Eugene Kaspersky.

Oded Yaron
Oded Yaron
Send in e-mailSend in e-mail
Oded Yaron
Oded Yaron

The Stuxnet worm, known for its reported penetration of Iranian nuclear facilities, attacked a Russian nuclear network, a computer security expert has said.

The Russian facility was supposed to be safe from such an attack because it was completely sealed off from the Internet. However, the malware was introduced to the Russian network through a USB thumb drive, crossing the so-called air gap to the plant's computers, according to Eugene Kaspersky, CEO of an eponymous company, in a briefing for reporters in Canberra, Australia last week.

Stuxnet appears to have caused serious damage to Iranian nuclear systems in recent years, and various media reports have attributed its attacks to joint project by Israel and the United States. According to the reports, the Stuxnet worm attacked the controllers of centrifuges at the Iranian nuclear enrichment facility in Natanz holding back progress on Iran's nuclear program.

The malware is one of a family of such malware said to be used to spy on and attack Iran over the past few years, including such programs as Duqu, Flame, Red October and Gauss.

Kaspersky and his company have studied in depth these cases, which have brought into the limelight the possibility of international cyber warfare.

In his talk in front of Australia's National Press Club, Kaspersky outlined Stuxnet's main two purposes: To give operating instructions to the centrifuges' industrial control systems so they would spin out of control and damage the equipment, turning it inoperable; and at the same time the malware created a false set of data leading the Iranian supervisors to think the centrifuges were working properly.

It was already known that Stuxnet had infected computers in countries other than Iran, and Russia had warned over two years ago of the dangers inherent in the malware. In January 2011, the Russian ambassador to NATO demanded an investigation into the use of the Stuxnet worm and said it could cause a "new Chernobyl."

Kaspersky said he received the tip on the compromise of Russia's nuclear security from a worker at the nuclear facility, which is not connected in any way to the Internet. He said the malware crossed the air gap to the plant's computers on the USB device. "So unfortunately these people who were responsible for offensive technologies, they recognize cyber weapons as an opportunity," he said. Similar malware has traveled much farther in others situations, such as when a Russian cosmonaut unwittingly infected the computers on the International Space Station with such a virus once, said Kaspersky - but he did not provide details. It seems he was referring to a case that occurred in 2008, and which NASA reported the infection of a computer in the ISS.

"All data is stolen," Kaspersky told the journalists. "At least twice."

In a visit to Israel last year, Kaspersky made similar warnings - and even more dramatic ones. Speaking at a press conference at "The Cyber Warfare Conference: Challenges in the Global, Political, and Technological Arenas," organized by Tel Aviv University's Yuval Ne'eman Science, Technology, and Security Workshop, in June 2012, Kaspersky said that Flame was "just the beginning," adding, "I'm afraid that it will be the end of the world as we know it." He warned at the time that such malware could attack other countries and not just Iran. But at a similar press conference held this year, he toned down his message quite a bit and avoided making any apocalyptic forecasts.

Workers are seen in what is described by Iranian state television as an enrichment control room at a facility in Natanz, in this still image taken from video released February 15, 2012.Credit: Reuters

Click the alert icon to follow topics:

Comments

SUBSCRIBERS JOIN THE CONVERSATION FASTER

Automatic approval of subscriber comments.

Subscribe today and save 40%

Already signed up? LOG IN

ICYMI

Palestinians search through the rubble of a building in which Khaled Mansour, a top Islamic Jihad militant was killed following an Israeli airstrike in Rafah, southern Gaza strip, on Sunday.

Gazans Are Tired of Pointless Wars and Destruction, and Hamas Listens to Them

Trump and Netanyahu at the White House in Washington, in 2020.

Three Years Later, Israelis Find Out What Trump Really Thought of Netanyahu

German soldier.

The Rival Jewish Spies Who Almost Changed the Course of WWII

Rio. Not all Jewish men wear black hats.

What Does a Jew Look Like? The Brits Don't Seem to Know

Galon. “I’m coming to accomplish a specific mission: to increase Meretz’s strength and ensure that the party will not tread water around the electoral threshold. If Meretz will be large enough, it will be the basis for a Jewish-Arab partnership.” Daniel Tchetchik

'I Have No Illusions About Ending the Occupation, but the Government Needs the Left'

Soldiers using warfare devices made by the Israeli defense electronics company Elbit Systems.

Russia-Ukraine War Catapults Israeli Arms Industry to Global Stage