Stuxnet is a celebrity among viral code, hitting the headlines some time ago for reportedly hitting an Iranian nuclear facility. A new cyber security report claims it is much older than initially thought.
Symantec researchers, one of the firms involved in the initial analysis of the code when it was first discovered in 2010 issued a new white paper detailed a strain of the code which was operational between 2007 and 2009. They claim it may even have been operating back in 2005. The initial report said it was created in 2009.
Stuxnet was classified as one of the most sophisticated and complex ‘cyber weapons’ in history and was documented as the product of years of coding with potentially millions in funding behind it, likely from a nation state group of experts.
No government is admitting being responsible for Stuxnet, however the New York Times said it was an attack launched by America and Israel against Iran. The Times said that the cyber campaign (codename Olympic Games) was started under George W. Bush presidency but was accelerated under orders from President Obama when he took office in 2009.
Symantec report that Stuxnet 0.5 was designed to stop infecting computers after July 4th, 2009, noted for being Independence Day in America. A newer version of the Stuxnet code 1.001 appeared just before V0.5 stopped operating.
Later versions of the code “significantly increased their spreading capability and use of vulnerabilities” and “adopted an alternative attack strategy”. It targeted the Iranian facility, specifically spinning centrifuges.
Kitguru says: Clever code, but no one is willing to accept responsibility for it.