A new worm targeted Iran’s nuclear program, closing down the “automation network” at the Natanz and Fordo facilities, the Internet security site reported, citing an e-mail it said was sent by a scientist inside Iran’s Atomic Energy Organization.
The virus also prompted several of the computers on site to play the song “Thunderstruck” by AC/DC at full volume in the middle of the night, according to the e-mail, part of which is published in English on the website.
Information about this incident is being treated very carefully. Finnish security firm F-Secure reported receiving the information and that it was suspected to come from a scientist in Iran’s very highly security sensitive Atomic Energy Organization. F-Secure confirmed the email address, but pointed out that it couldn’t confirm that the sender was who he said he was.
(Add to this the fact that those responsible for an attack of this type would also be quite capable of sending a fake email, too, and you can see why F-Secure is making qualified statements.)
Suspicions will be high voltage, too- Iran routinely accuses the US and Israel of sabotage and attacks on its controversial nuclear program. Iran has stopped short of confirmation of the attack or making accusations in this case so far. However, Iran’s Information Technology Organization chief Ali Hakim Javadi issued a statement according to the state run TV network, calling on the UN to condemn cyber attacks against nations.
Javadi points out in his statement that the types of highly advanced malware required to launch attacks are very expensive, and not within the reach of normal cyber malware developers as individuals.