RSA: Stuxnet dates back to 2005, Symantec reports

A recently-discovered build of a Stuxnet precursor could indicate that industrial malware is older and more widespread than originally believed, Symantec has reported.

Symantec said it had found a build of the Stuxnet attack tool which dates back to 2005 and uses different techniques to sabotage uranium enrichment facilities. Dubbed Stuxnet .05, the tool is believed to have been targeted at facilities in Iran.

Discovered in 2010, the Stuxnet malware infected systems in the Middle East with the intent of accessing uranium centrifuges within Iran. The malware then accessed the motors of the centrifuge and set them to a higher setting which would cause hardware to fail.

According to Symantec, the Stuxnet 0.5 build targets the valves which control the flow of gas into the centrifuge, causing pressure within the units to change and lead to hardware failures.

While no group has formally declared responsibility for building Stuxnet, the attack is widely believed to have been a collaboration between government agencies in the US and Israel. Leaked documents from the White House have suggested that the US is increasingly using cyber warfare as a means of espionage.

Francis deSouza, Symantec president of proucts and services, said that the discovery shows that cyber warfare and attacks on infrastructure are fare more pervasive and common than originally believed. He noted that attacks once thought to be the sole domain of traditional military powers are now available to nearly all nation-states.

"Before, it was really the top dozen to two dozen countries that were able to run a cyber war," he told conference attendees.

"That has changed dramatically, most countries now have access to very sophisticated cyber weapons. A very small country today can disrupt a country that is thousands of times bigger in GDP."