How Damaging Stuxnet Worm Has Been to Iran’s Industry?

Stop Fundamentalism Special Report

According to a state-run website, Fars News, on February 20, Saied Ahangaran, a technical deputy for the Iranian Ministry of Intelligence said that 16,000 computers are still infected by the Stuxnet Worm in Iran.  He blamed the international sanctions for this country’s inability to acquire the necessary anti-malware software and tools to combat the computer infection.

The Stuxnet’s attack on the Iranian computer systems, and specifically on computerized control systems used for turning Iranian centrifuges used for enriching uranium in this country’s suspicious nuclear program, was surfaced two years ago.  No one has taken responsibility for the development and release of the mal-ware although some reports later on speculate that only the US and Israelis could have developed the Worm due to the advanced technology used in its code. 

Stuxnet is specific to Iran as there have been no serious reports of it showing up elsewhere.  According to Ahangaran, Stuxnet is an advance virus developed specifically for the Iranian industry to attack controlling systems known as SCADA by Siemens which is vastly used in the Country’s industrial sector.  (SCADA is acronym for supervisory control and data acquisition, a computer system for gathering and analyzing real time data.)  Among other things, the virus uploads industrial secrets and data on the internet making them available to the developers of the mal-ware for analysis and compilation.

Ahangaran stated that the virus has been developed by a government and is not a normal virus.  In 2010 the Iranian regime announced that 30,000 IPs in Iran have been infected by the virus and are sending information about Iran’s industrial production to other countries.

“Over 60,000 computers in Iran have been infected by the Stuxnet virus.” Said an Iranian IRGC associated website back in October 19, 2010, adding, “Its targets are industrial networks and it is capable of controlling and damaging industrial systems such as those at work in nuclear sites.”

According to the same report, Stuxnet has infected computer systems at Bushehr and Natanz nuclear sites in Iran since early 2010.  Those are the main weak points of Iran’s nuclear program.

But from the reports above and other internal sources it is apparent that Stuxnet will not stop at nuclear facilities, and with a similar development, now Iran’s air defense system is being targeted by it which could ultimately cripple this country’s air defenses, preparing conditions for a possible air attack.

“The Stuxnet problem is a very serious one,” say an internal IRGC technical report, “We were ignorant about it for 12 months and it infected many systems during that time.”

A report by the Presidential Communication Network Security in Iran, dated October 2010 says, “Stuxnet has infected all power stations, most hospitals, banks, the whole communication network, refineries, factories and many other sites and networks.”  This report stresses that, “The claim made by the Ministry of Intelligence and IRGC Intelligence or other agencies that says ‘we have the Stuxnet virus under control’ is unrealistic and wrong.”

Most interestingly is a report from regime’s Security Council.  They are concerned that the Stuxnet can be more lethal to the regime than a bombing raid campaign on Tehran.  That is because in a case of bombardment of Tehran, people’s unrest is less likely but in case of the Stuxnet attack, when all infrastructures have been damaged or destroyed; people will not have any mercy on the mullahs and their supporters.