Iran Says Siemens Enabled Stuxnet Attacks

worm

The accusations first appeared in the Islamic Republic News Service, or IRNA, Iran's state news agency, by Brigadier General Gholam Reza Jalali, according to Reuters.

Specifically, Jalali said that Siemens should be held accountable for the role it played when programmers from the U.S. and Israel built the sophisticated Stuxnet worm that wreaked havoc on numerous nuclear facilities over the course of the last 10 months.

"Siemens should explain why and how it provided the enemies with the information about the codes of the SCADA (Supervisory Control and Data Acquisition) software and prepared the ground for a cyber attack against us," Jalali told the Islamic Republic News Service. “It was a hostile action which could have inflicted serious damage on the country if it had not been dealt with in a timely manner.”

Jalali went on to say that both the U.S. and Israel should be held legally responsible for the damage the worm created at Iran's facilities.

Although it first emerged in June 2009, Stuxnet remained largely under the radar until June 2010 due to its ability to stealthily cover its tracks and hide its presence. The worm then attacked hundreds of thousands of systems over the last 10 months, spreading largely in Iran and Indonesia.

Separating the Stuxnet worm from other previous viruses are its "search and destroy" capabilities, specifically designed to target industrial facilities such as chemical manufacturing and power plants that rely on SCADA systems.

The worm possesses the ability to modify Programmable Logic Controllers -- devices that control the machines at power plants -- by altering critical Siemens code, which scans classified factory operations.

Researchers at Symantec discovered at the end of last year that Stuxnet was created to impact control systems containing frequency converter drives, a power supply that can increase the speed of a motor with a higher frequency. Specific frequency converter drives are found in nuclear facilities all over the world, including those in Tehran, Iran.

Like other sophisticated malware, Stuxnet initially spread by exploiting four critical Windows zero-day vulnerabilities, but subsequently proliferated with infected USB sticks and unsecure shared networks.

During the summer of 2010, Stuxnet made headlines after it was detected at Iran's Bushehr nuclear power facility. Since then, the notorious worm has infiltrated and attacked five nuclear power facilities within Iran over a 10-month period, according to Symantec security researchers.

Iranian president Mahmoud Ahmadinejad later confirmed that the worm had sabotaged uranium-enrichment operations at Iran's Natanz facility, which reportedly set Iran's nuclear program back by months and dropped its production by 30 percent.

Jalali's remarks come three months after a New York Times investigation indicating that both the U.S. and Israel collaborated to create the code for the infamous Stuxnet worm in a joint effort to sabotage Iran's nuclear efforts and selected power plants.

Anonymous sources said the malware was developed at Israel's Dimona Complex in 2008 as part of a joint U.S.-Israeli effort after American intelligence agencies identified the type of controllers Iran intended to use and their weaknesses, according to the New York Times. The Siemens controllers were tested at the Idaho National Laboratory, the newspaper said.