Source: Ars Technica
The Stuxnet computer worm used to sabotage Iran’s nuclear program was planted by a double agent working for Israel. The agent used a booby-trapped memory stick to infect machines deep inside the Natanz nuclear facility, according to a report published on Wednesday.
Once the memory stick was infected, Stuxnet was able to infiltrate the Natanz network when a user did nothing more than click on an icon in Windows, ISSSource reported. They cited former and serving US intelligence officials who requested anonymity because of their proximity to the investigations. Covert operators from Israel and the US wanted to use a saboteur on the ground to spread the infection to insure the worm burrowed into the most vulnerable machines in the system, reporter Richard Sale added.
The double agent was probably a member of an Iranian dissident group, possibly from the Mujahedeen-e-Khalq group. This group is believed to be behind the assassinations of key Iranian nuclear scientists. In October, a huge blast destroyed an underground site near the town of Khorramabad in western Iran that housed most of Iran’s Shehab-3 medium-range missiles capable of reaching Israel and Iraq. Former and current US officials told ISSSource that the MEK was behind the attack, and one of the officials said “computer manipulations” caused the blast. “Given the seriousness of the impact on Iran’s (nuclear) program, we believe it took a human agent to spread the virus,” the source told the publication.
As Wired.com senior reporter Kim Zetter chronicled last year, Stuxnet made history as the most advanced—if not the first—real cyber weapon. It ultimately exploited four previously unknown vulnerabilities in Windows and masterfully took advantage of weaknesses buried deep inside Siemens’s Simatic WinCC Step7 software, which was used to control machinery inside Natanz. Stuxnet disrupted the Iranian nuke program by sabotaging the centrifuges used to enrich uranium. While the worm was designed to spread widely, it was programmed to execute its malicious payload against a highly selective list of targets.
According to ISSSource, Stuxnet wasn’t the first malware the US military has used against opponents. In the 1980s, it planted viruses inside a Soviet military-industrial structure that could be activated in time of war. A similar process against China is continuing today, the publication said. In late 1991, just prior to the Desert Storm operation against Iraq, the CIA and British Government Communication Headquarters implanted bugs into hardware that was smuggled into Baghdad. US planes destroyed the targeted command and control network where the infected equipment was inserted before the malware was able to spread.