Insight: Did Conficker help sabotage Iran's nuke program?

Fri Dec 2, 2011 5:23am EST
 
By Jim Finkle

(Reuters) - A cyber warfare expert claims he has linked the Stuxnet computer virus that attacked Iran's nuclear program in 2010 to Conficker, a mysterious "worm" that surfaced in late 2008 and infected millions of PCs.

Conficker was used to open back doors into computers in Iran, then infect them with Stuxnet, according to research from John Bumgarner, a retired U.S. Army special-operations veteran and former intelligence officer.

"Conficker was a door kicker," said Bumgarner, chief technology officer for the U.S. Cyber Consequences Unit, a non-profit group that studies the impact of cyber threats. "It built out an elaborate smoke screen around the whole world to mask the real operation, which was to deliver Stuxnet."

While it is widely believed that the United States and Israel were behind Stuxnet, Bumgarner wouldn't comment on whether he believes the Americans and Israelis also unleashed Conficker, one of the most virulent pieces of so-called malware ever detected. He wouldn't name the attackers he believes were behind the two programs, saying the matter was too sensitive to discuss.

The White House and the FBI declined to comment.

Prime Minister Benjamin Netanyahu's office, which oversees Israel's intelligence agencies, also declined comment.

If Bumgarner's findings, which couldn't immediately be independently confirmed, are correct, then they show that the United States and Israel may have a far more sophisticated cyber-warfare program than previously thought. It could also be a warning to countries other than Iran that they might be vulnerable to attacks.

His account leaves unresolved several mysteries. These include the severity of the damage that the program inflicted on Iran's uranium enrichment facility, whether other facilities in Iran were targeted and the possibility that there were other as yet unidentified pieces of malware used in the same program.