‘Stuxnet virus set back Iran’s nuclear program by 2 years’


Top German computer consultant tells ‘Post’ virus was as effective as military strike, a huge success; expert speculates IDF creator of virus.

The Stuxnet virus, which has attacked Iran’s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic’s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program’s code told The Jerusalem Post on Tuesday.

“It will take two years for Iran to get back on track,” Langer said in a telephone interview from his office in Hamburg, Germany. “This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.”

Langer spoke to the Post amid news reports that the virus was still infecting Iran’s computer systems at its main uranium enrichment facility at Natanz and its reactor at Bushehr.

Last month, the International Atomic Energy Agency (IAEA), the United Nation’s nuclear watchdog, said that Iran had suspended work at its nuclear-field production facilities, likely a result of the Stuxnet virus.

According to Langer, Iran’s best move would be to throw out all of the computers that have been infected by the worm, which he said was the most “advanced and aggressive malware in history.” But, he said, even once all of the computers were thrown out, Iran would have to ensure that computers used by outside contractors were also clean of Stuxnet.

“It is extremely difficult to clean up installations from Stuxnet, and we know that Iran is no good in IT [information technology] security, and they are just beginning to learn what this all means,” he said. “Just to get their systems running again they have to get rid of the virus, and this will take time, and then they need to replace the equipment, and they have to rebuild the centrifuges at Natanz and possibly buy a new turbine for Bushehr.”

Widespread speculation has named Israel’s Military Intelligence Unit 8200, known for its advanced Signal Intelligence (SIGINT) capabilities, as the possible creator of the software, as well as the United States.

Langer said that in his opinion at least two countries – possibly Israel and the United States – were behind Stuxnet.

Israel has traditionally declined comment on its suspected involvement in the Stuxnet virus, but senior IDF officers recently confirmed that Iran had encountered significant technological difficulties with its centrifuges at the Natanz enrichment facility.

“We can say that it must have taken several years to develop, and we arrived at this conclusion through code analysis, since the code on the control systems is 15,000 lines of code, and this is a huge amount,” Langer said.

“This piece of evidence led us to conclude that this is not by a hacker,” he continued. “It had to be a country, and we can also conclude that even one nation-state would not have been able to do this on its own.”

Eric Byres, a computer security expert who runs a website called Tofino Security, which provides solutions for industrial companies with Stuxnet-related problems, told the Post on Tuesday that the number of Iranians visiting his site had jumped tremendously in recent weeks – a likely indication that the virus is still causing great disarray at Iranian nuclear facilities.

“What caught our attention was that last year we maybe had one or two people from Iran trying to access the secure areas on our site,” Byres said. “Iran was never on the map for us, and all of a sudden we are now getting massive numbers of people going to our website, and people who we can identify as being from Iran.”

Byres said that some people openly identified themselves as Iranian when asking for permission to log onto his website, while others were impersonating employees of industries with which he frequently works.

“There are a large number of people trying to access the secure areas directly from Iran and other people who are putting together fake identities,” he said. “We are talking about hundreds. It could be people who are curious about what is going on, but we are such a specialized site that it would only make sense that these are people who are involved in control systems.”

December 15, 2010 | 6 Comments »

Subscribe to Israpundit Daily Digest

Leave a Reply

6 Comments / 6 Comments

  1. “Now, out of nowhere comes Stuxnet, a super cyber wrench that (supposedly) was thrown into the heart of Iran’s nuclear facilities, gumming up the works. Shrouded in mystery with its legend growing and its origins unknown, Stuxnet can do for Obama what the NIE did for Bush – twiddle his thumbs while the danger grows and approaches critical mass.”

    Today, the Jerusalem Post picks up the baton and runs this: ‘Stuxnet virus set back Iran’s nuclear program by 2 years’

    Below the story, in the comments section, a reader from Germany writes this:

    Be very wary of a “2 year setback”

    Author: Christian B. Country: Germany-Stuttgart 12/15/2010 11:44

    Remember the combined analysis a few years back by all US intelligence agencies that Iran has stopped her nuclear pursuits? This new “2 year set back” reminds me of it! The world is scared to death of an Israeli attack. Of course it is in the interest of cowardly world leaders to keep up the appearance that there is still plenty of time left to deal with Iran peacefully. I would not trust this German expert on this, but I am afraid that since Israeli leaders also lack the courage to do the right thing, they will gladly fall for 2 more years of empty discussions.

    Of course, compared to the “experts,” what could two kibitzers possibly know?

  2. Dan,

    I read, with interest, your reference to the Chinese connection. The evidence given there points to some locations in Suzhou, and to contacts with unnamed “officials”. Suzhou, of course, is easily accessible to foreigners, and the businessmen there and elsewhere in China are not tightly regulated. As for the work of “officials” in relatively corrupt China, these can hardly be said to have been officially sanctioned.

    The gist of this is that even with a “Chinese connection”, the work could have been accomplished by non-Chinese agents — possibly with the connivance of some Chinese nationals, of whom there are 1.5 billion. The virus had to find its way into the Iranian sites, something which could most effectively have been done through an inoccuous portable device, implicating the many Russian scientists who had free access to the sites; and DEBKA has noted that some Russians were arrested by the Iranians and others fled. The connection between the very large ex-Russian community in Israel and their highly skilled contacts in the “old country” is obvious.

    The fact is that just about every country in the world has a stake in trying to stop the Iranian ambitions by means short of a full-blown war, including countries such as:

    1. Iran’s immediate neighbors, who are immediately threatened by both attack and fallout
    2. The Europeans, who fear retalliation by their enormous Islamic fifth column communities
    3. East Asians, including the Chinese and Japanese, who do not want their energy supplies disrupted, and
    4. North Americans, especially the US, who end up being the scapegoats of all Islamic schemes
    5. Australians and New Zealanders, who look American and European — AND produced Julian Assange 😮

    I guess that only leaves Latin America off the hook.

  3. [Wherein another “cyber security expert” goes against the grain, and in the process leaves open the only question that really counts: Is Stuxnet an excuse for Israel and/or the U.S.A. to do nothing against Iran for at least two more years? df]

    Forbes, The Firewall, Dec. 14 2010

    Stuxnet’s Finnish-Chinese Connection

  4. The United States and Israel… but not Russia? Frankly, I don’t think the Iranians can trust anyone — and for a good reason: They’re untrustworthy villains themselves!