Analysts suggest program steals information from industrial control systems.
By ADAM CHANDLER
A report recently published by Symantec, the world’s largest maker of personal computer security software, concludes that Siemens AG computer systems in Iran were recently the primary target of a worm called Stuxnet. The worm is a malicious program that attacks software used to control water-processing plants, power grids and factories.According to data compiled from a sample of 14,000 unique IP addresses affected by Stuxnet, nearly 60 percent of the infected systems were in Iran.Other countries substantially affected by the worm included Indonesia and India.“We have found out the software is capable of sending data, and it tries to set up a connection via the Internet,” Wieland Simon, a spokesman for Siemens, said. “We don’t know where the data is being sent.”Stuxnet was first detected by a Belarus-based anti-virus company called VirusBlokAda, which initially found the program on the system of an Iranian customer. According to analysts, the worm seeks out management systems, steals secret data and uploads it to the Internet.A blog written by security analysts at Symantec also noted that Stuxnet was “the first publicly widespread threat that has shown a possibility of gaining control of industrial processes and placing that control in the wrong hands.”Symantec did not intimate that it had any suspects in mind and speculated that those responsible for the worm could be anyone from a disgruntled employee or commercial competitor to a terrorist or actor in state-sponsored espionage.Analysts believe Stuxnet has been in circulation since January.