ramriot t1_j4j9wr8 wrote

My opinion is immaterial here; the evidence & timing thereof, though, suggest a very different scenario to what a surface description would suggest.

Imagine, if you will, that you are a pair of nation states about to pay real money to devise a way of suspiciously attacking Iran's enrichment program. One very important factor in that is that you keep your technique secret so that, should it be needed again later, say with North Korea, it can be deployed successfully.

Thus, when what is now called Stuxnet was first developed around 2005, it was only as pernicious as needed while being very careful to leave no traces. Its introduction to the Iranian SCADA control network in summer of 2007 was reported to have been via an Iranian mole working for the Dutch intelligence organisation or via another operative under that person's control.

Now fast forward to 3 years later in 2010, when code snippets start surfacing from a virus that seem to have payloads targeting SCADA control systems. The source zone of this infection appears to stem from Iran and communicating networks. The theory is that it was an inadvertent spread from an Iranian engineer who, against orders, took a computer previously part of the air-gapped network home & connected it to the internet.

Within a year of public identification there were many variants of this virus, perhaps reverse engineered from samples & used by others to create further havoc.

But hey, don't trust me, it's all here.