The damage inflicted by Stuxnet malware could have set back the Iranian nuclear program by as much as two years, according to Ralph Langner, a German security expert. In a report in The Economist, Langner compares the complexity of Stuxnet to "the arrival of an F-35 fighter jet on a World War I battlefield." 

In November, the president of Iran admitted that a number of centrifuges were hit by the sophisticated malware, which security firm Symantec recently concluded was tailor-made with Iran's nuclear facilities in mind.

Langner did a code analysis on Stuxnet, concluding that it could not have been the work of a lone hacker, and that even "one nation-state would not have been able to [write Stuxnet] on its own."

With the damage already done however, the new challenge for Iran is the replacement of damaged hardware, as well as eliminating the virus from infected systems. This could be a problem, given the lack of top-notch security experts in Iran. Some believe Iran may be better off junking the infected computers. (The decidedly non-cyber assassination of a top nuclear scientist via a car-bomb in November does little to help matters, from Iran's perspective, either.)

Conversely, Stuxnet has opened Pandora's Box in a clear demonstration of the damage that could be inflicted by cyber-weapons on critical installations. I have some thoughts on this, which you can read in today's editorial.

For more on this story:
- check out this article at The Economist
- check out this article at Ars Technica
- check out this article at The Jerusalem Post
- check out this article at The Christian Science Monitor

Related Articles:
Iran grappling with Stuxnet worm 
DHS official: Variants of Stuxnet could attack industrial systems
Stuxnet: Evidence points to Iran centrifuges as target
How the Stuxnet worm works