Last updated: 25 July, 2012

Finnish firm says new cyber attack may have targeted Iran

A scientist claiming to work for the Atomic Energy Organisation of Iran told a Finnish cyber-security group that Tehran’s nuclear programme had been the victim of a new cyber attack, the group said Wednesday.

Mikko Hypponen, the research head for the Finnish firm F-Secure, said he received a series of emails over the weekend from Iran.

“The only thing we can confirm is that these emails were coming from inside the Atomic Energy Organization of Iran,” Hypponen said.

“Whether he was telling the truth we don’t know. It does sound a bit far-fetched.”

Hypponen said the researcher claimed the nuclear programme was compromised by a new worm that affected computer networks and said a hacking tool called Metasploit was used.

“He said that the IT staff had sent an email, an internal email, explaining that there has been an attack and had some details of the attack including the Metasploit reference,” Hypponen said.

According to the emails, computers at the uranium enrichments sites in Natanz and Fordo were attacked.

“There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC,” Hypponen said.

The United States and Israel in 2010 reportedly masterminded a malware attack using a worm called Stuxnet that disrupted Iran’s uranium enrichment.

Western powers and Israel suspect Iran is trying to develop an atomic bomb. Iran insists its nuclear programme is for peaceful purposes only.