The Stuxnet worm that attacked Iran's nuclear facility at Natanz came to light nearly four years ago, but how it got there remains a mystery. A possible new explanation, outlined Tuesday, cites the supply chain as the key.
Stuxnet, a computer virus that attacked Iran's nuclear program, dates back to 2007, according to researchers at Symantec Corp. Stuxnet, believed to have been created by the US and Israel, was in development as early as 2005.
If Iran succeeds in installing next-generation enrichment centrifuges at Natanz, as it reportedly has told the UN's atomic agency it is doing, it could shorten Iran's breakout time to a nuclear weapon.
A Saudi energy company has lately confirmed that its computer networks were targeted by a cyberattack. But perhaps more important is the discovery of Gauss, malware believed to be related to the Stuxnet worm that attacked Iran's nuclear centrifuges in 2009.