Hackers targeted Iran with new malicious software on Monday, April 25, for the second time in four months. The target was not identified by the Meher News Agency while quoting a top official of the anti-sabotage unit at the Passive Defence Organization. The official, Brigadier General Gholam Reza Jalali merely stated that certain characteristics of the virus, ‘Stars’ have been identified and added that it is compatible with the ‘system’. But he neither identified the system nor did he state when and how the virus was detected. Until the Iranian experts complete their investigations the full scope of ‘Star’ will remain a matter of conjecture.
From what is on record, it is clear that the Star virus is ‘congruous and harmonious’ with the (computer) system and in the initial phase it did minor damage.
The last December’s target was clearly the computer system in the central Iranian city of Natanz, which is home to the Uranium Enrichment Plant regularly inspected by the UN nuclear watchdog. US-based Anti-virus specialist, Symantec Corp, identified the virus as ‘Stuxnet’ and said it might have been designed to disrupt the motors that power gas centrifuges used to enrich uranium. So logically speaking, the target of Stuxnet was the enrichment programme. It infested at least 30,000 computers. The extent of damage is not known in the absence of an official word. Tehran lashed at Washington and Tel Aviv for the cyber attack. Also German MNC, Siemens, because it had supplied the Supervisory Control and Data Acquisition (SCADA) process controllers used to run the Bushehr power plant, the Natanz uranium enrichment plant, and other industrial facilities in Iran. On its part, Siemens says it was blindsided by Stuxnet, and began publishing its own research and tools to remove the worm from infected computers last fall.
Confronting the Stuxnet virus does not mean that the threat has been fully removed, since viruses have a certain life span and it is possible that they continue their activity in a different form. It means there is need for more caution and more anti-virus effort on the part of Iran. Because, the Iranian scientists first noticed Stuxnet in July last year in computers of Bushehr nuclear reactor. Over the next six-months, even as anti-virus experts were at work to checkmate it, the virus had spread to Natanz making it a truly “guided cyber missile”, aimed at Iran’s atomic programme.
If the Bushehr power plant were to go on line “the internal directives programmed into the structure of the virus can actually bring the generators and electrical power grid of the country to a sudden halt, creating a “heart attack type of work stoppage,” according to informed sources. The Stuxnet “has automatic updating capabilities in order to track and pirate information,” and that it “can destroy system hardware step-by-step," says Iran’s Special Intelligence Unit, which studied the phenomenon.
Hacking is not a new phenomenon in the cyber world. It is often a team effort since creating a malicious code requires a team of as many as five to ten highly educated and well-funded cyber hands. Hacking/attacking has become a part of strategic tool for some countries even as several amateurs are at work for the heck of it. For both kinds of threats, the only protective gear is not anti-virus tool but ‘security consciousness that limits the exposure. This is what most countries India in particular have learnt. Hackers’ trail extends from Pakistan to China in the case of Indian computer systems. Yet, the damage has not been significant. The relevance of Indian experience was highlighted by the ‘shut down’ in France of some 10,000 computers in February. The hacking coincided with Paris hosting the G20 financial summit. The hackers reportedly used Chinese Internet addresses. It was a creeping attack since the attacks began in December apparently looking for documents relating to the G20 meeting. The security breach may propel France to improve its computer security, according to Budget Minister Francois Baron.
