Computer Worm Wreaking Havoc on Iran's Nuclear Capabilities

Wednesday, 27 Apr 2011 03:39 PM

  Comment  |
   Contact  |
  Print   |
    A   A  
  Copy Shortlink

An internal report by a special intelligence unit in Iran has concluded that the Stuxnet malware computer virus that has infected Iran’s nuclear facilities is so dangerous it could shut down the entire national power grid.

The report, written by the Iranian Passive Defense Organization, chaired by Revolutionary Guards Gen. Gholam-Reza Jalali, states that Stuxnet has so thoroughly infected the operating systems at the Bushehr power plant that work on the plant must be halted indefinitely.

If the Bushehr power plant were to go on line, “the internal directives programmed into the structure of the virus can actually bring the generators and electrical power grid of the country to a sudden halt, creating a “heart attack type of work stoppage,” the report states.

The report was obtained by the “Green Liaison news group,” Iranian journalists affiliated with presidential candidate Mir Hussein Mousavi, and was translated into English by Reza Kahlili, a former Revolutionary Guards officer who spied on behalf of the CIA for over a decade while inside Iran.

The report claims that Stuxnet “has automatic updating capabilities in order to track and pirate information,” and that it “can destroy system hardware step-by-step."

Gen. Jalali has held two press conferences in recent weeks where he has given tantalizing glimpses into the conclusions of his top-secret task force to analyze and defuse the Stuxnet computer worm.

At one, he blamed Israel for collaborating in developing the worm and claimed that his experts had traced “reports” sent by the worm back to Texas.

“Enemies have attacked industrial infrastructure and undermined industrial production through cyberattacks. This was a hostile action against our country,” Jalali said. “If it had not been confronted in time, much material damage and human loss could have been inflicted.”

Jalali also lashed out at Siemens, the German firm that sold Iran the Supervisory Control and Data Acquisition (SCADA) process controllers used to run the Bushehr power plant, the Natanz uranium enrichment plant, and other industrial facilities in Iran.

"Our executive officials should legally follow up the case of Siemens SCADA software, which prepared the ground for the Stuxnet virus," he said.

"The Siemens company must be held accountable and explain how and why it provided the enemies with the information about the codes of SCADA software and paved the way for a cyberattack against us," he said.

Siemens has said it was blindsided by Stuxnet, and began publishing its own research and tools to remove the worm from infected computers last fall.

On Monday, Jalali claimed that his intelligence unit, which merges computer analysts from the intelligence ministry and the Revolutionary Guards intelligence service, had found a new computer virus attacking Iran’s nuclear facilities called “Stars.”


He called “Stars” an “espionage virus,” and said that it copied government files and was difficult to destroy in its early stages.

Kahlili believes that Gen. Jalali’s admission of the damage wrought by Stuxnet is significant, since until now the Iranian authorities have suggested that everything was under control. “This is the first official statement out of Iran that the U.S. and Israel should be blamed for this attack,” Kahlili told Newsmax.

“They held back for a long time in order to solve the problem, but have gone public because they haven’t succeeded in doing so. This shows the extent of the damage to the Bushehr power plant. What Jalali is saying is that they are holding the U.S. and Israel responsible and that Iran will retaliate,” he added.

Ralph Langner, the German computer security expert who first identified the specifics of the malicious code used by Stuxnet, says that the worm contains two “digital warheads” that seek out specific control systems to attack. But its targets are computers driving Iran’s uranium enrichment program, not the control systems at Bushehr, he insists. The larger of the two warheads loads onto S7-415 controllers in Siemens SCADA process control software. While these controllers are found “in power plant turbine control” systems, such as those at Bushehr, Langner now believes the warhead was not programmed to affect those systems.

“Anything that went wrong in Bushehr cannot be attributed to Stuxnet. It may be attributed to other sabotage acts, to stupidity, or whatever,” he told Newsmax in an email.

Because the Iranians reported early on that Stuxnet had infected Bushehr, Langner spent several months investigating what systems Stuxnet might attack at the Russian-built plant, before setting aside that thesis based on his analysis of the worm’s internal code.

“It would certainly be a good idea for Iran to clean up all systems before going operational in Bushehr (and before resuming operations in Natanz) as any further attempts to remove the virus when the plant is running will be much harder or even impossible,” Langner wrote in his blog on Feb. 1. “As long as there is even a single system in the nuclear program still infected with Stuxnet, those centrifuges continue to be at risk.”

Russian experts and officials have been warning for several months that the Bushehr power plant has become too dangerous to operate because of the Stuxnet infection. In February, Russia's envoy to NATO, Dmitry Rogozin, described to reporters an incident he claimed had been witnessed by Russian engineers working at the plant.

The engineers "saw on their screens that the systems were functioning normally, when in fact they were running out of control," he said. This was because Stuxnet was sending out false messages to the control instruments the engineers normally monitored.

The Russian engineers performed additional tests that determined physical malfunctions were occurring at the plant and then removed all nuclear fuel from the reactor. "The virus which is very toxic, very dangerous, could have had very serious implications," Rogozin said.

Iran was forced to shut down its uranium enrichment plant at Natanz last November and removed nearly 1,000 centrifuges because of malfunctions caused by Stuxnet. See "Cyberwar Declared on Iran."

Earlier this month, Iran refueled the Bushehr nuclear power plant and seemed ready to start the reactor, but Jalali’s report has put an indefinite hold on operations there.

The Iranian parliament recently sent a separate report to Supreme Leader Ali Khamenei saying that Bushehr had become so expensive and so many years behind schedule that it would be cheaper and quicker to build a new nuclear power plant and shut the Bushehr site definitively, Kahlili said.

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact  |
  Print   |
  Copy Shortlink
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
 
Email:
Country
Zip Code:
Privacy: We never share your email.
 
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
Top Stories
You May Also Like

Iranian Dissident Leader Claims Victory, Warns US

Thursday, 04 Aug 2011 16:38 PM

The leader of a dissident Kurdish organization in Iran says his forces killed more than 300 Iranian Revolutionary Guards . . .

Iran, Turkey Escalate Battle Against Iraq Kurds

Thursday, 28 Jul 2011 07:36 AM

Iran called on NATO member Turkey on Tuesday to help battle dissident Kurds in the rugged mountains along the northern b . . .

Iranian Troops Attack Kurdish Camps in Iraq

Tuesday, 19 Jul 2011 07:53 AM

Thousands of Iranian Revolutionary Guards (IRGC) troops crossed into northern Iraq over the weekend, bombarding Iraqi Ku . . .

Most Commented

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved