A report from the Netherlands claims {that a} Dutch man performed a key position within the infamous Stuxnet worm assault towards an Iranian nuclear facility, which then by accident escaped into the broader world.
It’s not information that the US and Israel are extensively believed to be the creators of the delicate Stunxnet malware, which exploited zero-day flaws to sabotage Iran’s uranium enrichment amenities at Natanz, or that the US is believed to have later tried to make use of a model of Stuxnet towards North Korea’s nuclear weapons program.
If the report from NL Occasions is taken at face worth, what’s information is that an agent of AIVD (the Dutch intelligence company), named as Erik van Sabben, additionally assisted the assault.
The suggestion is that Erik van Sabben gained entry to Natanz, working undercover for a corporation putting in gear on the nuclear facility. Such an individual may not solely be capable to collect technical details about the pc techniques that handle centrifuges, but additionally introduce malware on a USB stick.
It actually sounds a extra believable manner of introducing malware to an air-gapped system than leaving a USB stick mendacity round within the automobile park, and hoping that somebody picks it up and plugs right into a PC.
Maybe essentially the most eyebrow-raising declare of all made within the report is an virtually throwaway comment that Stuxnet “price over a billion {dollars} to develop.”
That appears an astonishingly massive amount of cash to have spent on a chunk of malware, even for one so focused and revolutionary as Stuxnet. I discover the determine onerous to take significantly with out extra rationalization as to the way it was calculated.
A lot of the report by NL Information seems to be primarily based on a prolonged piece in de Volksrant from 2019, written by investigative Dutch journalist Huib Modderkolk.
Nevertheless, that article makes no point out of Erik van Sabben, and claims that AIVD recruited an unnamed Iranian (not Dutch) engineer.
Sadly, Erik van Sabben can’t reply to the claims that he performed a important position in one of the crucial infamous cyber assaults in historical past. He died in a bike accident, shortly after leaving Iran, in January 2009. He was 36 years outdated.
Replace: Due to Clu-blog reader Baerd who acquired in contact to level out that NL Information‘s story seems to be primarily based upon a newer article from de Volksrant than the one NL Information was linking to initially.
