Stuxnet computer virus much older than once thought
Stuxnet, a computer virus that attacked Iran's nuclear program, dates back to 2007, according to researchers at Symantec Corp. Stuxnet, believed to have been created by the US and Israel, was in development as early as 2005.
Subscribe Today to the Monitor
Stuxnet, which is widely believed to have been developed by the United States and Israel, was discovered in 2010 after it was used to attack a uranium enrichment facility at Natanz, Iran. It was the first publicly known example of a virus being used to attack industrial machinery.
Symantec researchers said on Tuesday they have uncovered a piece of code, which they called "Stuxnet 0.5," among the thousands of versions of the virus they recovered from infected machines.
They found evidence Stuxnet 0.5 was in development as early as 2005, when Iran was still setting up its uranium enrichment facility, and the virus was deployed in 2007, the same year the Natanz facility went online.
"It is really mind blowing that they were thinking about creating a project like that in 2005," Symantec researcher Liam O'Murchu told Reuters.
Security experts who reviewed Symantec's 18-page report on Stuxnet 0.5 said it showed the cyber weapon was already powerful enough to cripple output at Natanz as far back as six years ago.
"This attack could have damaged many centrifuges without destroying so many that the plant operator would have become suspicious," said a report by the Institute for Science and International Security, which is led by former United Nations weapons inspector David Albright and closely monitors Iran's nuclear program.
Although it is unclear what damage Stuxnet 0.5 might have caused, Symantec said it was designed to attack theNatanz facility by opening and closing valves that feed uranium hexafluoride gas into centrifuges, without the knowledge of the operators of the facility.