The Stuxnet worm, dubbed the world’s first cyber superweapon, may have been originated from German giant Siemens, says a senior technology consultant at system security developer Sophos.
The worm may have been written by someone with detailed knowledge of Siemens’ computer systems, Graham Cluley said on Friday.
Speaking to Computer and technology news website, V3, Cluley said the person may possibly be a current or former employee of the German industrial giant whose control systems are widely used to manage industrial facilities such as oil rigs and power plants.
“The message I got was that it appears to have been written by someone with inside knowledge of how Siemens’ systems work,” he said after attending the Virus Bulletin 2010 conference in Vancouver in Canada.
He added that none of the presenters at the conference, where the malware took center stage, “gave any evidence about who wrote it and against who it was targeted.”
Cluley also pointed out that the evidence for this being a targeted attack on Iran is patchy since anti-virus maker Symantec reported that more attacks had been reported in India and Indonesia than in Iran.
Another expert on the issue, Mikko Hypponen, chief research officer at F-Secure, told V3 that based on evidence he’d seen, the worm looks like a government attack.
“If you look at the level of difficulty and complexity behind Stuxnet, it has to be a government effort,” he further explained.
Media reports emerged in July, claiming that Stuxnet had targeted industrial computers around the globe with Iran being the main target of the attack.
Iran’s Telecommunications Minister Reza Taqipour, however, announced that the computer worm had caused no serious damage to the country’s industrial sites.
Iranian experts say the worm may have been created by a state-sponsored organization in the US or Israel to target specific control software being used in the Iranian industrial sector, including the Bushehr plant — Iran’s first nuclear power plant.