Symantec: Stuxnet cyberweapon older than previously believed
Updated at 11:22 a.m. ET
LONDON The sophisticated cyberweapon which targeted an Iranian nuclear plant is older than previously believed, an anti-virus firm said Tuesday, peeling back another layer of mystery on a series of attacks attributed to U.S. and Israeli intelligence.
The Stuxnet worm, aimed at the centrifuges in Iran's Natanz plant, transformed the cybersecurity field because it was the first known computer attack specifically designed to cause physical damage. The precise origins of the worm remain unclear, but until now the earliest samples of Stuxnet had been dated to 2009.
Security experts generally agree that Stuxnet was an attempt to sabotage Iran's uranium enrichment centrifuges, which can be used to make fuel for reactors or weapons-usable material for atomic bombs. Iran maintains its nuclear program is for peaceful purposes.
As "60 Minutes" correspondent Steve Kroft reported last year, Stuxnet was incredibly complicated and sophisticated, beyond the cutting edge. By the time it was first detected in June 2010, it had been out in the wild for a year without drawing anyone's attention, and seemed to spread by way of USB thumb drives, not over the Internet.
By the fall of 2010, the consensus was that Iran's top secret uranium enrichment plant at Natanz was the target and that Stuxnet was a carefully constructed weapon designed to be carried into the plant on a corrupted laptop or thumb drive, then infect the system, disguise its presence, move through the network, changing computer code and subtly alter the speed of the centrifuges without the Iranians ever noticing, Kroft reported.
"Stuxnet's entire purpose is to control centrifuges," Liam O Murchu, an operations manager for Symantec, told Kroft. "To make centrifuges speed up past what they're meant to spin at and to damage them. Certainly it would damage the uranium enrichment facility and they would need to be replaced."
Last June, The New York Times traced the origins of the top-secret program back to 2006.
In a new report issued late Tuesday, Symantec Corp. pushed that timeline further back, saying it had found a primitive version of Stuxnet circulating online in 2007 and that elements of the program had been in place as far back as 2005.
One independent expert who examined the report said it showed that the worm's creators were particularly far-sighted.
"What it looks like is that somebody's been thinking about this for a long, long time the better part of a decade," said Alan Woodward, a computer science professor at the University of Surrey. "It really points to a very clever bunch of people behind all of this."
The Times reported that President George W. Bush ordered the deployment of Stuxnet against Iran in a bid to put the brakes on its atomic energy program, detailing how the worm tampered with the operation of Natanz's centrifuge machines to send them spinning out of control.
President Obama, who succeeded Bush shortly after the first attacks, expanded the campaign, the report said.
U.S. and Israeli officials have long declined to comment publicly on Stuxnet or their alleged involvement in creating and deploying the computer worm.
Symantec's report suggests that an intermediate version of the worm Stuxnet 0.5 was completed in November 2007. That worm lacked some of the sophistication of its descendant, Symantec said, and was designed to interfere with the centrifuges by opening and closing the valves which control the flow of uranium gas, causing a potentially damaging buildup in pressure.
That approach was dropped in later, improved versions of the Stuxnet code.
Symantec said the servers used to control the primitive worm were set up in November 2005, suggesting that Stuxnet's trailblazing authors were plotting out their attack at a time when many parts of the Internet now taken for granted were not yet in place. Twitter did not exist, Facebook was still largely limited to U.S. college campuses, and YouTube was in its infancy.
Woodward said that had troubling implications.
"Clearly these were very forward-thinking, clever people that were doing this," he said. "There's no reason to think that they're less forward-thinking now. What are they up to?"
Popular on CBSNews.com
- Mexico's drug war 20 Photos
- Graphic video: Man dead in "truly shocking" London attack Play Video
- 2 men from diverted Pakistani flight into U.K. arrested
- Muslim hard-liners ID suspect in London attack
- Bangladesh slum life 13 Photos
- Former sex slaves: Osaka mayor should quit
- U.K. official: London attack suspects probed before
- Tokyo's rockabilly scene 16 Photos