The computer virus, known as Stuxnet, has spread to the personal computers of staff working at the Bushehr nuclear power station – weeks before the facility is to go online.
Mahmoud Jafari, project manager at Bushehr, said a team is trying to remove the malware from several affected computers, though it “has not caused any damage to major systems of the plant.”
In a sign of the high-level concern in Iran, experts from the country’s nuclear agency met last week to discuss ways of fighting the worm.
The Russian-built plant at Bushehr will be internationally supervised, but world powers are concerned that Iran wants to use other aspects of its civil nuclear power program as a cover for making weapons. Of highest concern to world powers is Iran’s main uranium enrichment facility in the city of Natanz.
Experts in Germany discovered the worm in July, and it has since shown up in a number of attacks – primarily in Iran, Indonesia, India and the US.
Patrick Fitzgerald, threat intelligence officer at computer security company Symantec, told The Daily Telegraph that the complexity of the worm meant it was unlikely to have been developed by a lone hacker, but was probably the work of a team of highly-trained software engineers.
“If someone had asked me in June this year whether a worm of this sophistication, which could potentially be operated remotely, was possible – I would have said absolutely no way.
“But now it has been proved possible. We should be very worried indeed about this.”
Mr Fitzgerald said that the rate of infection in Iran was “off the charts”, with 60,000 computers believed to be affected by August. Experts think this suggests Iran is being specifically targeted.
Indonesia, with the second-highest level of infection, had 10,000 infected computers.
Symantec said they did not know who was behind the worm, which hides inside the computer unbeknown to the operator and can cause systems to malfunction.
The malware’s sophisticated programming and ability to hide itself suggest it may have been built by a government-sponsored organization in a country such as the U.S. or Israel, said Frank Rieger, technology chief at GSMK, a maker of encrypted mobile phones.
(Source: Telegraph UK)