The Stuxnet worm, used to attack nuclear reprocessing plants in Iran, was targeting the country as early as 2005, say reseqarchers at security firm Symantec.
Reportedly created by the US and Israel, stuXnet appears to have been in development for five years before the discovery in 2010 of a version that caused the plants’ centrifuges to speed up and slow down.
However, the newly-found early version – dubbed Stuxnet 0.5 – appears to have been designed to affect the pressure of raw uranium gas being fed into the centrifuges.
“Stuxnet 0.5 may have been in operation as early as 2005. The exact date this version began circulating in the wild is unclear,” says Symantec on the company blog.
“What is known is that the date this early variant stopped compromising computers was July 4, 2009 — just 12 days after version 1 was created.”
Stuxnet 0.5, says Symantec, used Tilded platform code, rather than Flamer, and was less effective in its spreading capability and use of vulnerabilities than the later version.
“Until now Stuxnet was believed to be a project developed by people with access to Flamer components and not necessarily the whole Flamer platform source code. The discovery of Stuxnet 0.5 shows that Stuxnet’s developers had access to the complete Flamer platform source code,” says Symantec.
“Both the Flamer and Tilded platform code bases are different enough to suggest different developers were involved.”
The timing of the early version confirms that the worm was developed during the presidency of George W Bush. The government has refused to comment and, according to Reuters, is now investigating how detils of its cyberwarfare program came to be leaked.