Iran has claimed to have arrested spies involved in the Stuxnet virus release. Stuxnet targets Siemens factory computers like the ones used in nuclear plants. The likelihood that Iran has arrested someone is near 100%. Given Iran’s track record of judicial responsibility, the chances they have had anything to do with Stuxnet is near zero.
Intelligence Minister Heydar Moslehi also told the New York Times that Iran has “complete mastery” over the virus.
According to Iran Information Technology executive Hamid Alipour, however, the worm is spreading.
“This is not a stable virus. By the time we started to combat it, three new variants had been distributed.”
It will take between a month and two months to counter the virus, he said.
Neither Moslehi nor any other Iranian spokesman gave any further information regarding the alleged spies or the alleged “mastery” over the worm.
The complexity of the virus and its focus on industrial computers has led many experts to believe the virus was a product of electronic warfare, produced by a nation-state. Given the likelihood of Iran’s first nuclear power plant, Bushehr, coming online soon, many believe the U.S. or Israel to be involved. (Though some believe if Iran was a target, it was for its uranium refinery at Natanz.)
Given the frequency of such white-noise warfare, the number of players involved and the fact that over 45,000 systems have been affected, it’s impossible to make a hard-and-fast judgment at this point. The elements of the code that indicated Israeli origin could be a false trail to lead observers to that conclusion, or it could be evidence. Iran is not short of enemies that would rather it not achieve membership in the nuclear community.
CNET has published a good fact vs. theory breakdown of Stuxnet.