The complex piece of malware was believed to be targeted at Iran's nuclear program, with fingers of blame pointing at the United States and/or Israel for mandating it (though the origin of the malware itself is still a mystery).
Now a detailed description of Stuxnet has been released by Symantec, and the well-known security firm says it was targeted at five industrial facilities in Iran over 10 months. Symantec did not mention the targets by name however, and would not confirm whether the targets had links to the country's nuclear program.
Iran has denied that Stuxnet caused any major damage to its nuclear facilities, but analysis has previously shown that Stuxnet had the capability to disrupt the centrifuges used to enrich uranium. Once Stuxnet compromised a computer network, it was designed to seek out a specific configuration of industrial control software made by Siemens.
It would then reprogram the PLC software to alter instructions given to attached industrial machinery.
Symantec suggests that the authors of the Stuxnet malware must have had extensive knowledge of the systems in use at the targeted organizations. It infected and spread by use of USB keys, bringing it to networks not usually connected to the Internet for security reasons. The virus could have been spread among the targeted organizations by contractors associated with them.
A Symantec PDF document on Stuxnet is available at: http://www.symantec.com/
Written by: James Delahunty @ 16 Feb 2011 18:11
