Crippling Stuxnet virus infected Chevron's network too

Sophisticated virus was intended to knock offline an Iranian nuclear enrichment facility but strayed from its intended target about two years ago.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read
Stuxnet. CBS Interactive

Stuxnet, the sophisticated computer virus that attacked a nuclear enrichment facility in Iran two years ago, also inadvertently infected Chevron's network.

Reportedly created by the U.S. and Israel, the highly destructive worm was designed to infect Iran's Natanz nuclear facility. Rather than steal data, Stuxnet left a back door meant to be accessed remotely to allow outsiders to stealthily knock the facility offline and at least temporarily cripple Iran's nuclear program.

The oil giant discovered the malware in July 2010 after the virus escaped from its intended target, Mark Koelmel, Chevron's general manager of the earth sciences department, told The Wall Street Journal.

"I don't think the U.S. government even realized how far it had spread," he said. "I think the downside of what they did is going to be far worse than what they actually accomplished."

A Chevron spokesperson told CNET that the company's network was not adversely affected by the virus.

"Two years ago, our security systems identified the Stuxnet virus. We immediately addressed the issue without incident," a Chevron representative said.

The payload was reportedly delivered to the facility on a standard thumb drive by an Iranian double agent working for Israel.

Even though Stuxnet targeted industrial facilities, it also infected regular PCs and as a result was discovered in June 2010, about a year after the earliest known version was believed to be created. In September 2011 came Duqu, which has identical code to Stuxnet but which appeared designed for cyber espionage instead of sabotage.

In June, The New York Times confirmed long-held suspicions that the U.S. was behind Stuxnet. Citing unnamed U.S. government sources, The Times reported that Stuxnet was developed by the U.S., possibly with help from Israel, as a way to preempt a military strike against Iran over its nuclear program. Israel has denied involvement in both Stuxnet and Flame, another complex targeted virus discovered stealing data in the Middle East, while the U.S. has not outright distanced itself from either.

U.S. officials have blamed Iran for creating the Shamoon virus, which was responsible for a cyberattack that infected more than 30,000 computers at Saudi Arabian oil company Saudi Aramco and Qatar's natural gas firm Rasgas in mid-August.