A computer worm that has infected industrial computers around the world may be part of a campaign targeting nuclear installations in Iran, computer-security researchers said.
The highest concentration of affected systems — almost 60 percent — is in that country, according to data from Symantec Corp., the computer-security software maker. The worm's sophisticated programming and ability to hide itself suggest it may have been built by a government-sponsored organization in a country such as the U.S. or Israel, said Frank Rieger, technology chief at GSMK, a maker of encrypted mobile phones.
He estimated that building the worm cost at least $3 million and required a team of as many as 10 programmers working about six months.
"All the details so far to me scream that this was created by a nation-state," Rieger said. Iran's nuclear facilities may have been targets, said Rieger and Richard Falkenrath, principal at the Chertoff Group, a Washington-based security advisory firm.
"It is theoretically possible that the U.S. government did this," Falkenrath said. "But in my judgment, that's a very remote possibility. It's more likely that Israel did it."