Stuxnet "0.5" hit Iran as early as 2007

Insecurity experts at Symantec have found a version of the Stuxnet virus that was attacking Iran’s nuclear program in November 2007 – years earlier than previously thought.

Stuxnet became famous in 2010 when it started shutting down Iran’s nuclear programme by taking out a uranium enrichment facility at Natanz, Iran.

Symantec researchers uncovered a piece of code, which they called “Stuxnet 0.5,” among the thousands of versions of the virus they recovered from infected machines.

It is clear that Stuxnet 0.5 was in development as early as 2005, when Iran was still setting up its uranium enrichment facility. It was deployed in 2007, the same year the Natanz facility went online.

Symantec researcher Liam O’Murchu told Reuters that it was mind blowing they were thinking about creating a project like that in 2005.

It seems that the cyber weapon was powerful enough to cripple output at Natanz six years ago.

It might have been that Stuxnet was damaging centrifuges without destroying enough to make the plant operator suspicious.

It is not clear what damage Stuxnet 0.5 caused. Symantec said it was designed to attack the Natanz facility by opening and closing valves that feed uranium hexafluoride gas into centrifuges, without the knowledge of the operators of the facility.

It worked slightly differently from other versions which sabotaged the enrichment process by changing the speeds of those gas-spinning centrifuges.

Symantec said it has now uncovered four versions of Stuxnet and there are likely others that have not been discovered.

Researchers are still short on hard evidence to nail who’s behind Stuxnet.