Safe Mode: On
An alarmed Iran asks for outside help to stop rampaging Stuxnet malworm

Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcize the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers. debkafile's intelligence and Iranian sources report Iran turned for outside help after local computer experts failed to remove the destructive virus.

None of the foreign experts has so far come forward because Tehran refuses to provide precise information on the sensitive centers and systems under attack and give the visiting specialists the locations where they would need to work. They were not told whether they would be called on to work outside Tehran or given access to affected sites to study how they function and how the malworm managed to disable them. Iran also refuses to give out data on the changes its engineers have made to imported SCADA (Supervisory Control and Data Acquisition) systems, mostly from Germany.

The impression debkafile sources gained Wednesday, Sept. 29 from talking to European computer experts approached for aid was that the Iranians are getting desperate. Not only have their own attempts to defeat the invading worm failed, but they made matters worse: The malworm became more aggressive and returned to the attack on parts of the systems damaged in the initial attack.

One expert said: "The Iranians have been forced to realize that they would be better off not 'irritating' the invader because it hits back with a bigger punch."

Looking beyond Iran's predicament, he wondered whether the people responsible for planting Stuxnet in Iran - and apparently continuing to offload information from its sensitive systems - have the technology for stopping its rampage. "My impression," he said, "is that somebody outside Iran has partial control at least on its spread. Can this body stop malworm in its tracks or kill it? We don't have that information at present, he said.

As it is, the Iranian officials who turned outside for help were described by another of the experts they approached as alarmed and frustrated. It has dawned on them that the trouble cannot be waved away overnight but is around for the long haul. Finding a credible specialist with the magic code for ridding them of the cyber enemy could take several months. After their own attempts to defeat Stuxnet backfired, all the Iranians can do now is to sit back and hope for the best, helpless to predict the worm's next target and which other of their strategic industries will go down or be robbed of its secrets next.

While Tehran has given out several conflicting figures on the systems and networks struck by the malworm - 30,000 to 45,000 industrial units - debkafile's sources cite security experts as putting the figure much higher, in the region of millions. If this is true, then this cyber weapon attack on Iran would be the greatest ever.


Click to view image: '2869d05642ef-mahmoudahmadinejadvisit001.jpg'

Added: Sep-30-2010 
By: jumpingforJoy
In:
Iran, Middle East
Tags: An, alarmed, Iran, asks, for, outside, help, to, stop, rampaging, Stuxnet, malworm, ,
Views: 10822 | Comments: 33 | Votes: 1 | Favorites: 2 | Shared: 0 | Updates: 0 | Times used in channels: 1
You need to be registered in order to add comments! Register HERE
Sort by: Newest first | Oldest first | Highest score first
Liveleak opposes racial slurs - if you do spot comments that fall into this category, please report them for us to review.
  • The lesson to Iran...don't threaten the west when most of your infra-structure is built by the west.

    In other words, our nerds are brighter than your nerds.

    Posted Sep-30-2010 By 

    (12) | Report

  • LMAO... Iranians getting owned by the US or Israel

    Posted Sep-30-2010 By 

    (6) | Report

  • They should call Dell. For 120 bucks they'll tell them to get Norton.

    Posted Sep-30-2010 By 

    (4) | Report

  • Hmmmm get them flyin' boats out again Bubba, this is what a real war looks like and flyin' boats always make a good photo op.

    Posted Sep-30-2010 By 

    (3) | Report

  • Birth of Skynet. lol

    Posted Sep-30-2010 By 

    (3) | Report

  • nothing a pimple ridden American nerd teenager can't solve in a couple of minutes while gorging on a bag of flaming cheetos and a pepsi, lol!

    Posted Sep-30-2010 By 

    (3) | Report

  • These assholes want someone to come in and fix their computers so they can bring on the apocalypse?

    Fuck 'em.

    Posted Oct-1-2010 By 

    (3) | Report

  • I like this! Cyber asskicking at its finest.

    Posted Sep-30-2010 By 

    (2) | Report

  • F*#kin monkeys, I hope the virus/malware f*#ks up your whole infrastructure...

    Posted Sep-30-2010 By 

    (2) | Report

  • I guess the Iranian have porn, good for them.

    Posted Oct-1-2010 By 

    (2) | Report

  • hahahaaaa what happend to smart iranians?? cave monkeys

    Posted Sep-30-2010 By 

    (1) | Report

  • Somehow when ever an article starts off with "One expert said" my bullshit alarm starts to go off.

    "Debka File" an Israeli propaganda/fake news website making claims that the (more than likely Israeli/US funded and produced) Stuxnet worm is working exactly as planned.

    OK, lols

    Posted Oct-1-2010 By 

    (1) | Report

  • Hmmm, I guess they didn't renew their subscription to Norton this year...?

    Posted Oct-9-2010 By 

    (0) | Report

  • lol

    Posted Sep-30-2010 By 

    (0) | Report

  • Why don't high value computer systems like this simply have a fully functional backup hard disk system. If they get infected simply shut it down, pull all the hard disks simultaneously and install the backups. Presto, virus gone. What is so hard about that?

    Is a few thousand dollars worth of hard disks really too much of an investment for an operation of this size?

    Posted Oct-1-2010 By 

    (0) | Report

    • Agreed! What so hard about that? Any computer user can get this problem fixed in no time, let alone a system admin.

      Posted Oct-1-2010 By 

      (-2) | Report

    • Actualy there is a problem of keeping those "fully functional" backups "fully functional" or up to date. Worm like that may not be noticed immediately (and isn't if you think of it) so when you take backups from your systems you can't tell if those files aren't already infected or not and important research files may beed to be backupped everyday (file you save but don't backup lasts only long as your hardrive).

      Not to mention the fact that it is possible that this virus More..

      Posted Oct-1-2010 By 

      (1) | Report

    • If worse comes to worst, they can simply get a fresh install of the OS, re-install the SCADA software and reload the PLC programs, the worm infects windows so replacing it should take care of the problem but, if the worm came with the original software or drives that Russians provided then, that's a different story.

      Posted Oct-1-2010 By 

      (-1) | Report

  • Funny, they show the guy standing by a 1960s milk homogonizer and say he is building space ships and
    ..Ill be back.. robots

    Posted Oct-1-2010 By 

    (-2) | Report

  • Bullshit news! The worm can be disabled very easily by following simple steps, how the fuck would the worm update itself if you disconnect the affected systems from the internet? Clean the infected systems, apply the software patches then reload the system programmable logic controllers' software and you're good to go. Whoever wrote this article doesn't know shit about computers.

    Posted Sep-30-2010 By 

    (-12) | Report