Stuxnet likely took out 1000 Iranian nuclear fuel centrifuges

In late 2009 or early 2010, Iran decommissioned and replaced 1000 IR-I centrifuges at Natanz. “Although mechanical failures or operational problems have often been discussed as causing problems in the IR-1 centrifuges, the crashing of such a large number of centrifuges over a relatively short period of time could have resulted from an infection of the Stuxnet malware”, the report judged.

The Stuxnet malware targets control systems that operate industrial facilities, such as nuclear power plants. The ISIS report said that Stuxnet changes the frequencies of frequency converters that control the speed of motors. The frequencies Stuxnet targets correspond to the IR-1 centrifuge, suggesting that the malware was designed to disrupt that system, the report said.

While the Iranian government has not said that Stuxnet attacked the Natanz plant, it has acknowledged that its nuclear facilities came under cyber attack. “They succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts”, President Mahmoud Ahmadinejad said at a recent press conference.

The ISIS said that quarterly safeguard reports by the International Atomic Energy Agency (IAEA) support the possibility that Stuxnet was responsible for the Natanz centrifuges’ disruption.

Although Stuxnet appears to have been developed to attack Iranian nuclear facilities, it has spread far beyond its intended target. “Part of the reason is in the design of Stuxnet, which needs to spread in order to increase its chance of infecting an industrial control system via a removable drive used with an infected computer”, the report said.

The Stuxnet malware is able to be used against industrial facilities in Western countries, including the US. “Countries hostile to the United States may feel justified in launching their own attacks against U.S. facilities, perhaps even using a modified Stuxnet code. Such an attack could shut down large portions of national power grids or other critical infrastructure using malware designed to target critical components inside a major system, causing a national emergency”, the report warned.

What’s hot on Infosecurity Magazine?