Little doubt remains that the Stuxnet worm represents one of the most sophisticated digital attacks on critical infrastructure systems that cybersecurity researchers have ever seen. The motives of whoever launched that attack is a far murkier question–but a mounting stack of theories is starting to point to a targeted sabotage of Iran’s nuclear facilities.
The latest, put forward by Frank Rieger, a researcher at security and encryption firm GSMK, posits in a Frankfurt newspaper (translation here) and on his blog that Stuxnet targetted a nuclear enrichment facility in the Iranian town of Natanz. Stuxnet has spread internationally, but the vast majority of infections have happened in Iran, according to numbers from antivirus firm Symantec in July.
Rieger points to signs that Stuxnet was engineered to infect systems as early as January 2009. And in July 2009, whistle-blower site Wikileaks posted a note from an anonymous source describing a nuclear accident in Natanz. The head of Iran’s nuclear program resigned shortly thereafter, and Rieger points to official Iranian numbers that showed a reduction in working enrichment centrifuges.