Iran's nuclear programme still crippled by Stuxnet

Despite claims from Iran that Stuxnet has been eliminated, the malware has crippled the country’s nuclear programme.

US and European experts say their insecurity websites, which provide information on Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic.

This means that the worm continues to infect the computers at Iran’s two nuclear sites and must have thrown the whole programme into confusion.

Stuxnet worm was equipped with a warhead that targeted and took over the controls of the centrifuge systems at Iran’s uranium processing centre in Natanz, and the massive turbine at the nuclear reactor in Bashehr.

Last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran’s nuclear sites, but he said it was detected and controlled.

Fox News quoted Eric Byres, a computer expert who has studied the worm, said his site was hit with a surge in traffic from Iran, meaning that efforts to get the two nuclear plants to function normally have failed.

Iran still hasn’t come to grips with the complexity of the malware that appears to be still infecting the systems at both Bashehr and Natanz, he said.

He said more Iranians were visiting his security site than any other country, including the US.

While individual computer owners from Iran were looking for information about the virus, the worm targeted only the two nuclear sites and did no damage to the thousands of other computers it infiltrated. This means that most of the visitors must be security people from Iranian facilities hit by the bug.

Ron Southworth, who runs the SCADA (the Supervisory Control and Data Access control system that the worm specifically targeted) list server, said that there had been a sudden increase in membership from people who wanted to hide their country of origin but clearly wanted information.