Round Two in Iranian Cyber Attacks

By Daria Carmon

Several months after Iran’s nuclear facilities were hit by ‘Stuxnet’ a vicious computer virus, senior government official Gholam Reza Jalali has confirmed that another computer virus, this one borne through the Internet, has been aimed at Iran’s government computer systems. Jalali, head of an Iranian military unit that combats sabotage, alleges that the new virus, called ‘Stars’, is being used as part of a campaign to disable Iran’s nuclear program. In a press release, he noted that “In the initial stage, the damage is low and [the virus] is likely to be mistaken for governmental executable files.” The virus is currently being investigated in a laboratory, and it should be noted that Jalali admitted that researchers still don’t understand its purpose or exactly how it operates. Security experts say that Jalali’s initial description of the virus shows that the attacks use infected Word, Excel, and PDF files. His guess that it is targeting the nuclear system comes from Iran’s troubles with the Stuxnet virus, which did affect several nuclear centrifuges used to enrich uranium.

Earlier in April, Jalali told Iran’s state news agency that Siemens, a German engineering company, was partially to blame for the Stuxnet virus because they are involved with producing the SCADA systems used to control Iran’s nuclear computer and other systems. He also claimed that an investigation traced the virus’s origin to the United States. He has called for legal action against Siemens and any country involved in the Stuxnet attack, saying that if they had not been ready to defend against it, there would have been tragic results at the country’s industrial and nuclear sites.