The Jerusalem Post, via an interview with an IT professional, provides an expert assessment on who was responsible for creating the Stuxnet virus and a knowledgeable estimate of just how effective it was in shutting down Iran’s nuclear weapons program.
The Stuxnet virus, which has attacked Iranâ€™s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republicâ€™s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the programâ€™s code told The Jerusalem Post on Tuesday.
â€œIt will take two years for Iran to get back on track,â€ Langer said in a telephone interview from his office in Hamburg, Germany. â€œThis was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.â€
Last month, the International Atomic Energy Agency (IAEA), the United Nationâ€™s nuclear watchdog, said that Iran had suspended work at its nuclear-field production facilities, likely a result of the Stuxnet virus.
According to Langer, Iranâ€™s best move would be to throw out all of the computers that have been infected by the worm, which he said was the most â€œadvanced and aggressive malware in history.â€ But, he said, even once all of the computers were thrown out, Iran would have to ensure that computers used by outside contractors were also clean of Stuxnet.
â€œIt is extremely difficult to clean up installations from Stuxnet, and we know that Iran is no good in IT [information technology] security, and they are just beginning to learn what this all means,â€ he said. â€œJust to get their systems running again they have to get rid of the virus, and this will take time, and then they need to replace the equipment, and they have to rebuild the centrifuges at Natanz and possibly buy a new turbine for Bushehr.â€
Widespread speculation has named Israelâ€™s Military Intelligence Unit 8200, known for its advanced Signal Intelligence (SIGINT) capabilities, as the possible creator of the software, as well as the United States.
Langer said that in his opinion at least two countries â€“ possibly Israel and the United States â€“ were behind Stuxnet.
Israel has traditionally declined comment on its suspected involvement in the Stuxnet virus, but senior IDF officers recently confirmed that Iran had encountered significant technological difficulties with its centrifuges at the Natanz enrichment facility.
â€œWe can say that it must have taken several years to develop, and we arrived at this conclusion through code analysis, since the code on the control systems is 15,000 lines of code, and this is a huge amount,â€ Langer said.
â€œThis piece of evidence led us to conclude that this is not by a hacker,â€ he continued. â€œIt had to be a country, and we can also conclude that even one nation-state would not have been able to do this on its own.â€
Eric Byres, a computer security expert who runs a website called Tofino Security, which provides solutions for industrial companies with Stuxnet-related problems, told the Post on Tuesday that the number of Iranians visiting his site had jumped tremendously in recent weeks â€“ a likely indication that the virus is still causing great disarray at Iranian nuclear facilities.
â€œWhat caught our attention was that last year we maybe had one or two people from Iran trying to access the secure areas on our site,â€ Byres said. â€œIran was never on the map for us, and all of a sudden we are now getting massive numbers of people going to our website, and people who we can identify as being from Iran.â€