A new worm targeted Iran’s nuclear program, closing down
the “automation network” at the Natanz and Fordo facilities,
the Internet security site reported, citing an e-mail it said
was sent by a scientist inside Iran’s Atomic Energy
Organization.
The virus also prompted several of the computers on site to
play the song “Thunderstruck” by AC/DC at full volume in the
middle of the night, according to the e-mail, part of which is
published in English on the website.
F-Secure Security Labs, which is linked to F-Secure Oyj (FSC1V),
the Finnish maker of security and cloud software, said that
while it was unable to verify the details of the attack
described, it had confirmed that the scientist who reported them
was sending and receiving the e-mails from within Iran’s Atomic
Energy Organization.
Iran’s nuclear program and oil facilities have been subject
to a succession of cyber attacks that the Foreign Ministry said
in May were launched by hostile governments as part of a broader
“soft war.” Iran accuses the U.S. and Israel of trying to
sabotage its technological progress. Both countries say Iran’s
nuclear activities may have military intent, an allegation that
Iran denies.
E-Mail Exchange
Mikko Hypponen, chief security officer at F-Secure Security Labs and the person involved in the correspondence, said he received three e-mails on July 22 from an individual with an aeoi.org.ir e-mail address, receiving replies after he responded. After researching the person’s name on the internet, Hypponen said he found “plenty of nuclear science papers and articles published by someone with this name.”“I can’t confirm that the person was who he said he was. And I can’t confirm any of the things he said actually happened,” Hypponen wrote in reply to e-mailed questions. “But I can confirm I was emailing with someone who had access to an aeoi.org.ir address.”
Iran has called on the United Nations to condemn organized cyber attacks against nations, the head of Iran’s Information Technology Organization, Ali Hakim Javadi, said today, according to a report by the state-run news channel Press TV. Significant investment is needed for the creation of malware viruses such as Stuxnet or Flame, which previously targeted Iran, indicating that they were not produced by individuals, the Iranian official said.
High Voltage
AC/DC have played “high voltage rock ’n’ roll” since they were formed in 1973 in Australia, according to the band’s website. Their songs were among the loud music played to detainees at the Guantanamo Bay prison facility in preparation for interrogations, the Associated Press reported in October 2009, citing the National Security Archive in Washington.An attack where the infected PCs start playing AC/DC isn’t that likely “unless the attacker really wants the victim to know they are hit,” Hypponen said.
F-Secure Security Labs is involved in analyzing viruses, spyware and spam attacks, according to its website.
Source : Here
To contact the reporter on this story: Ladane Nasseri in Dubai at lnasseri@bloomberg.net
To contact the editor responsible for this story: Andrew J. Barden at barden@bloomberg.net.