Stuxnet virus existed 2 years prior to attacks

Researchers from Symantec have uncovered more information about Stuxnet, the virus that was used to damage Iran's main nuclear enrichment facilities back in 2007. The Stuxnet virus was speculated to be created solely to damage the nuclear plants in Iran. In an 18-page report by Symantec, it turns out that the existence of Stuxnet dates back to 2005. The virus was called Stuxnet 0.5 at the time, but there isn't any word yet on whether or not this version of the virus was used to do any damage.

The Stuxnet virus attack in 2007 was very specific. It infected the systems that were used to manipulate the centrifuges in 14 industrial sites located in Iran. It shut off valves that supplied uranium hexafluoride gas to the centrifuges, which in turn damaged the centrifuges. It was able to manipulate the systems due to a few security holes inside of the Windows operating system. It then replicated itself over and over, and used the Siemens Step7 software to take advantage of Iran's systems.

More attacks from Stuxnet happened from 2009 through 2010 in the Natanz facility. The Stuxnet virus manipulated the systems at the Natanz facility and destroyed up to 1000 centrifuges. The virus was able to do so by manipulating the operating speeds of the centrifuges. It would greatly increased the operating speed of several centrifuges, then decrease the operating speeds, and the variation between the two caused the centrifuge's tubes to expand making the centrifuge destroy itself.

Symantec stated that whoever created Stuxnet created "a complicated and sophisticated piece of malware requiring a similar level of skill and effort to produce." It's still a mysterious to us as to who initiated the Stuxnet virus attacks, but many believed that it was a joint effort between the United States and Israel. The Stuxnet 0.5 discovery doesn't show much except the evolution of the virus in the succeeding years, and how it was altered to do much more specific and widespread damage.

[via CNET]