An Iranian Bushehr Nuclear Power Plant Executive confirmed on Sunday that its nuclear reactor project had been infected by the Stuxnet virus, but said that no significant harm had been done. The executive failed to say what harm had been done however, and if months of delays at the Bushehr plant had been caused by the virus.
What is Stuxnet?
Well Stuxnet is much more than a virus and the program is apparently so sophisticated that teams of experts around the world haven’t yet discovered how it works and what it’s capable of doing.
It’s assumed however that a country created the virus and not a person or persons in a basement, and all heads are looking at the US, Israel and China as they are considered the only countries capable of creating the program.
Stuxnet is complex self-replicating malware that uses Windows vulnerabilities to insert itself into Scada (supervisory control and data acquisition) industrial control systems made by Siemens, which it then scans for information to report back to its controllers over the internet.
Under some conditions, it can then take control of the industrial systems, and it can be remotely updated.
Whether or not we’re pleased that the “virus” can slow down Iran’s pursuit of nuclear weapons, what concerns me is that the question that now begs to be answered is, “When will sophisticated programs of this sort start taking over the power plants, water distribution etc and even the military installations of countries deemed to be enemies?”.