I recently wrote a white paper entitled “Dragons, Tigers, Pearls, and Yellowcake” in which I proposed four alternative scenarios for the Stuxnet worm other than the commonly held assumption that it was Israel or the U.S. targeting Iran’s Bushehr or Natanz facilities.
During the course of my research for that paper, I uncovered a connection between two of the key players in the Stuxnet drama: Vacon, the Finnish manufacturer of one of two frequency converter drives targeted by this malware; and RealTek, who’s digital certificate was stolen and used to smooth the way for the worm to be loaded onto a Windows host without raising any alarms. A third important piece of the puzzle, which I’ll discuss later in this article, directly connects a Chinese antivirus company which writes their own viruses with the Stuxnet worm.
Most people who have followed the Stuxnet investigation know that the international headquarters for Vacon is in Finland, but surprisingly, Finland isn’t where Vacon’s frequency converter drives are manufactured. Vacon’s manufacturing plant is actually located in the Peoples Republic of China under the name Vacon Suzhou Drives Co. Ltd., located at 11A, Suchun Industrial Square 428# Xinglong Street, SIP Suzhou 215126 China.
View Full Article