Fox News – Iran’s nuclear program is still in chaos despite its leaders’ adamant claim that they have contained the computer worm that attacked their facilities, cybersecurity experts in the United States and Europe say.
Eric Byres, a computer expert who has studied the worm, said his site was hit with a surge in traffic from Iran, meaning that efforts to get the two nuclear plants to function normally have failed. The web traffic, he says, shows Iran still hasn’t come to grips with the complexity of the malware that appears to be still infecting the systems at both Bashehr and Natanz.
“The effort has been stunning,” Byres said. “Two years ago American users on my site outnumbered Iranians by 100 to 1. Today we are close to a majority of Iranian users.”
Ralph Langner, the German expert who was among the first to study and raise alarms about Stuxnet, said he was not surprised by the development.
“The Iranians don’t have the depth of knowledge to handle the worm or understand its complexity,” he said, raising the possibility that they may never succeed in eliminating it.
“Here is their problem. They should throw out every personal computer involved with the nuclear program and start over, but they can’t do that. Moreover, they are completely dependent on outside companies for the construction and maintenance of their nuclear facilities. They should throw out their computers as well. But they can’t,“ he explained. “They will just continually re-infect themselves.”
“With the best of expertise and equipment it would take another year for the plants to function normally again because it is so hard to get the worm out. It even hides in the back-up systems. But they can’t do it,” he said.
var _phPubId = ‘dkr04’;
var _phWidth = ‘300’;
var _phHeight = ‘250’;
var _phBgColor = ‘#ebebeb’; // For background color
var _phBorderColor = ‘#999999’; // For border color
var _phTextColor1 = ‘#006699’; // For Link 1 color
var _phTextColor2 = ‘#333333’; // For Link 2 color
var url = ‘http://ph.affinity.com/ph-adcloud-m.js?’ + ‘h=’+escape(location.hostname) + ‘&pb=’ + escape(_phPubId);