Reports that Iran had recovered from the infection of the Stuxnet worm may have been overblown, as a new report suggests the country is being forced to replace thousands of expensive centrifuges damaged by the worm.
The report from the Web site DEBKAfile cites “intelligence sources” in claiming that Stuxnet was not purged from Iran’s nuclear sites and that the country was never able to return its uranium enrichment operation to “normal operation.” Instead, the country has said in recent days that it is installing newer and faster centrifuges at its nuclear plants and intends to speed up the uranium enrichment process, according to the country’s foreign ministry.
Iran was believed to have 8,700 centrifuges in operation at the country’s Natanz facility the time the Stuxnet worm was released, which is believed to be around June, 2009. A recent report from Wired’s ThreatLevel blog cites International Atomic Energy Agency (IAEA) officials who inspected the plant in January 2010 as saying up to a quarter of those centrifuges were disabled at that point, just months after the worm was released, and a full six months before it would be publicly identified by researchers at the Belarussian antivirus firm VirusBlokAda.
A report from the Institute for Science and International Security (PDF), dating from February, 2011, as well as contemporary news reports at the time that assessed the damage caused to Iran’s uranium enrichment program to be limited. Debkafile, citing Western intelligence sources, reports that Iran failed to eradicate the worm, which resurfaced and began spreading within the Iranian facilities, prompting the government to replace an estimated 5,000 working centrifuges.
Stuxnet is widely believed to have been created specifically to disable Iran’s nuclear enrichment facilities, possibly with the involvement of the U.S. and Israel. The worm was among the most sophisticated pieces of malware ever discovered in the wild. However, experts also note that Stuxnet wasn’t perfect and, in fact, that its authors made several, basic errors that may have prevented it from being discovered at all.