Stuxnet “badly infected” Russian nuclear plant, claims Kaspersky

Graham Cluley

Eugene Kaspersky Anti-virus mogul Eugene Kaspersky has claimed that the Stuxnet virus – widely believed to have been built by the United States and Israel to disrupt Iran’s nuclear plans – managed to also infect the internal network of a Russian nuclear plant.

The claim came in a speech given by Kaspersky at the National Press Club of Australia last week, where he was a keynote speaker.

You can see Kaspersky make the revelation at approximately 27 minutes into the below video.

In a question-and-answer session, following his keynote speech, Eugene Kaspersky says that an engineer friend told him how a Russian nuclear facility – disconnected from the internet – had been “badly infected” by Stuxnet, after the malware had caused damage at Iran’s nuclear facilities in Natanz.

There is no way to independently verify the claim, of course. But it is a fact that Stuxnet managed to infect many computer systems outside of its intended target in Iran. Indeed, the very fact that it spread out of control, was what lead to its discovery by security firms.

If the claim of the Russian nuclear plant infection is true, then it’s easy to imagine how this “collateral damage” could have turned into a very serious incident indeed, with obvious diplomatic repercussions.

Separately in the speech, Kaspersky claims that “all data is stolen… at least twice”.

Perhaps an exaggeration, there… Lets hope so.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.