WASHINGTON, Sept. 21 (UPI) -- A piece of computer malware may be harming a specific target, possibly Iran's Bushehr nuclear power plant, a German expert says.
"Until a few days ago, people did not believe a directed attack like this was possible," Ralph Langner, a German cyber-security researcher, told the Christian Science Monitor. "What (the cyber worm) Stuxnet represents is a future in which people with the funds will be able to buy an attack like this on the black market. This is now a valid concern."
Langner was scheduled to present his findings in Rockville, Md., Tuesday at a closed-door conference of industrial control system security experts.
U.S. experts back up Langner's concerns, the Monitor said.
Some top cyber-security experts say Stuxnet represents a new threat -- a cyber weapon created to cross into the physical world from the digital world to destroy something, the Monitor said.
The report said the encrypted, complex worm has not been immediately understood, and it employs new maneuvers, such as taking control of a computer system without the user taking any action or clicking any link, just inserting an infected memory stick.
The United States and Israel are two countries that could engineer such a threat, the report said.
Canadian expert Eric Byres told the Monitor Stuxnet so far has infected at least 45,000 industrial control systems around the world, without blowing them up, with most of the victim computers in Iran, Pakistan, India and Indonesia. Langner said once inside, Stuxnet waits, checking every five seconds to see if its exact parameters are met by the system -- then is programmed to activate a sequence that causes the industrial process to self-destruct.
Langner told the Monitor his views on Stuxnet's target is speculation based on threads he has seen in the media, but he suspects that the Bushehr plant may already have been wrecked. Bushehr's expected startup in late August was delayed for unspecified reasons though one Iranian official blamed the delay on hot weather.