Suspicion falls on Israel as new computer ‘supervirus’ hits Iran

Iran says its defence computer systems have been infected with a “supervirus” similar to one believed to have been created by Israel which severely damaged Tehran’s nuclear program last year.

Anti-virus experts have identified a virus called Duqu that they said shared properties with the Stuxnet worm apparently created by Mossad, the Israeli security service. It was thought to have targeted the nuclear program’s centrifuges, the devices that enrich uranium to create nuclear fuel.

It was not clear from the Iranian statement whether Duqu had also struck nuclear facilities, but it was the regime’s first admission of damage.

“We are in the initial phase of fighting the Duqu virus,” said Gholamreza Jalali, the head of Iran’s civil defence program. “The final report which says which organisations the virus has spread to and what its impacts are has not been completed yet. All the organisations and centres that could be susceptible to being contaminated are being controlled.”

Mossad and other Western intelligence agencies have made no comment on sabotage operations against Iran, as Western leaders continue to argue about whether military action would justified. A report by the International Atomic Energy Agency last week claimed that Iran was developing technology to fit nuclear warheads to missiles.

William Hague, the British Foreign Secretary, said that Britain was not yet “calling for, or advocating, military action”, but added: “At the same time, we are saying that all options are on the table.” Guido Westerwelle, the German foreign minister, said harsh sanctions were unavoidable but he would not consider military intervention.

Even Israel is split, with Benjamin Netanyahu, the prime minister, and Ehud Barak, the defence minister, said to be in favour, but a majority against.

The Stuxnet virus altered the speed at which the enrichment centrifuges spun until they were out of control. It was so sophisticated that experts said it must have been the work of an advanced, probably national, sabotage program. Duqu operates differently, though using some of the same code to infiltrate computers, sending back information to its handlers rather than breaking down systems. The virus was spread through an infected Microsoft Word document.

Symantec, the computer security firm, which has led investigations into Stuxnet and Duqu, said the new virus seemed to be intended to gain remote access to computer systems.

“The authors had access to the Stuxnet source code,” Symantec said. “The attackers are looking for information such as design documents that could help mount an attack on an industrial control facility. Duqu is essentially the precursor to a Stuxnet-like attack.”

Israel has done little to hide its glee at a series of “problems” faced by Iran’s weapons and nuclear programs.

An explosion at a missile base on Saturday killed 17 members of Iran’s Revolutionary Guard, including Hassan Moghaddam, the brigadier-general in charge of missile development. Its similarity to an explosion at a base in October last year caused speculation that both were the work of Mossad. “I don’t know the extent of the explosion,” said Mr Barak on Sunday night. “But it would be desirable if they multiply.”

Article source: http://www.canada.com/Suspicion+falls+Israel+computer+supervirus+hits+Iran/5708814/story.html

View full post on National Cyber Security » Virus/Malware/Worms

Gergory Evans

Gregory Evans | LinkedIn

Interview With Gregory Evans

Gregory Evans Security Expert

Gregory Evans on Cyber Crime