Foreign Policy Blogs

Smoking-Gun Analysis Links Stuxnet to Natanz

Symantec, a top cyber security firm based in Cupertino, Calif., has released a report that shows convincingly (in my opinion) that the stuxnet worm was designed specifically to disrupt uranium enrichment operations at Iran’s Natanz plant. An earlier analysis by a leading German cyber security expert, which I described in detail in an earlier post in this space, described Stuxnet as a highly sophisticated worm that must have been concocted by governmental intelligence and concluded it may very well have been aimed at Natanz. If the Symantec analysis is right, Stuxnet must have been targeted specifically at Natanz.
As noted in the previous post, stuxnet targeted the Siemens WinCC SCADA system. But what is more, it now appears, it specifically targeted certain high frequency converter drives, “power supplies that are used to control the speed of a device, such as a motor,” as Wired magazine put it in an account yesterday. The malware was designed to intercept commands sent to the motor drives, disrupting their operation intermittently, unpredictably, and undetectably,
That’s not all. The malware would disrupt the operations of not just any motor regulated by the WinCC system, but only at least 33 motors running in coordinated fashion, their drives manufactured by two companies in particular–one Iranian and one Finnish–and spinning at frequencies between 807 Hertz and 1210 Hz. It so happens, as Symantec noted trenchantly, “frequency converter drives that output over 600 Hz are regulated for export by the United States by the Nuclear Regulatory Commission as they can be used for uranium enrichment.”
Just to spice things up (evidently), if the number of drives made by the Finnish company Vacon exceeded the number made by Iran’s Fararo Payo, stuxnet would unleash one series of unfortunate events; if Farao Pavo machines outnumbered Vacon’s, a different succession of mishaps would follow.
It seems quite clear, in short, that stuxnet was designed to sabotage plant operations in weird ways that would be almost impossible to figure out, and that the plant it was designed to infect was Iran’s Natanz enrichment plant, with its numerous cascades of fast-spinning uranium centrifuges.



William Sweet

Bill Sweet has been writing about nuclear arms control and peace politics since interning at the IAEA in Vienna during summer 1974, right after India's test of a "peaceful nuclear device." As an editor and writer for Congressional Quarterly, Physics Today and IEEE Spectrum magazine he wrote about the freeze and European peace movements, space weaponry and Star Wars, Iraq, North Korea and Iran. His work has appeared in magazines like the Bulletin of Atomic Scientists and The New Republic, as well as in The New York Times, the LA Times, Newsday and the Baltimore Sun. The author of two books--The Nuclear Age: Energy, Proliferation and the Arms Race, and Kicking the Carbon Habit: The Case for Renewable and Nuclear Energy--he recently published "Situating Putin," a group of essays about contemporary Russia, as an e-book. He teaches European history as an adjunct at CUNY's Borough of Manhattan Community College.