14 DAY TRIAL // Iranian President Mahmoud Ahmadinejad admitted that several of the country's uranium enrichment centrifuges were affected by malware, indirectly positioning Stuxnet a strong candidate for the attack.
During a press conference today, President Ahmadinejad was asked by journalists if the nuclear program was disrupted by a cyberattack, as it was widely speculated during recent months.
He responded that "they were able to create problems on a limited basis for some of our centrifuges by software installed in electronic equipment," but stressed that "our specialists stopped that and they will not be able to do it again."
It's not clear who "they" are, but earlier this year Iran's intelligence minister announced that several spies involved in cyberspace-related attacks against its nuclear program were arrested.
The media later speculated that these were in fact Iranian scientists suspected of collaborating with the Western countries and not actual foreign spies.
President Ahmadinejad did not name the software which affected the centrifuges, but given his description, it's almost certainly that it was the Stuxnet industrial espionage worm.
Stuxnet is considered the most sophisticated piece of malware ever created. Judging by the complexity of its code, security researchers concluded that it's likely the work of a team of programmers working for a nation state.
Since Iran has been a hotspot for Stuxnet infections, some experts suggested that the worm's primary target was the nuclear plant at Bushehr, which was scheduled to start loading nuclear fuel at the end of August.
Two weeks ago, researchers from Symantec announced another breakthrough in Stuxnet analysis, according to which the worm was designed to sabotage high-speed frequency converters produced by two companies, one in Finland and one in Tehran.
Such low-harmonic frequency converter drives have a limited number of applications, but the most common one is related to the operation of uranium enrichment centrifuges.
"Stuxnet changes the output frequencies and thus the speed of the motors for short intervals over periods of months. Interfering with the speed of the motors sabotages the normal operation of the industrial control process," the researchers explained.
Giving President Ahmadinejad's statement today and Symantec's analysis, it would be fair to assume that Stuxnet's primary target was not the nuclear power plant at Bushehr, but the fuel enrichment one at Natanz.