By Niall Firth
Last updated at 3:18 PM on 23rd September 2010
The world’s first cyber ‘super weapon’ may have been specifically designed to target a nuclear power station, experts believe.
A computer virus called Stuxnet was first detected in June and has been described as one of the most sophisticated ‘worms’ ever created.
Now internet security experts fear that it was created to target a real-world installation such as a power station, possibly in Iran.
The worm targets computer systems that are not connected to the internet for security reasons. Instead it infects PCs running Microsoft Windows via infected USB memory drives.
After it has hijacked a PC, Stuxnet looks for Siemens software that runs industrial control systems in facilities like factories and power plants.
It then launches an attack by reprogramming software to give any industrial machinery new, potentially dangerous, instructions.
It is capable of taking control of key processes and is able to set off a sequence that could cause the entire system to self-destruct, say experts.
David Emm, a senior security researcher at Kaspersky, said what made Stuxnet different from other viruses was its targeted nature.
His firm has worked with Microsoft to find holes in their code which could be exploited by the worm.
Mr Emm said: What sets it apart is that it is not indiscriminate. Most viruses that are created are normally blasted out like a blunderbuss. But Stuxnet is written to only target a certain systems.
‘It finds flaws in code and uses it like an open window in a house, like a jemmy to make a bigger gap’, he said.
He said that Stuxnet appeared to have been designed purely for sabotage.
Ralph Langner, a German cyber-security researcher, has reverse-engineered the Stuxnet code and made his findings public. He said he is convinced the virus was designed to seek out and destroy key pieces of infrastructure.
He said: ‘Stuxnet is a 100-percent-directed cyber attack aimed at destroying an industrial process in the physical world. This is not about espionage, as some have said. This is a 100 percent sabotage attack.’
Iran was hardest hit by Stuxnet with nearly 60 per cent of all infected PCs found there.
Mr Langer believes that the Bushehr nuclear plant was the intended target for the attack.
Bushehr is currently being loaded with nuclear fuel but was not switched on in August as had been planned.
Mr Langer says that the sophistication of the virus means that only a ‘nation state’ could have developed it.
He wrote: ‘With the forensics we now have it is evident and provable that Stuxnet is a directed sabotage attack involving heavy insider knowledge.
‘This is not some hacker sitting in the basement of his parents’ house. To me, it seems that the resources needed to stage this attack point to a nation state.’
Mr Langer also believes that Stuxnet virus has already hit its target – we just haven’t heard about it yet.