The claim came in a speech given by Kaspersky at the National Press Club of Australia last week, where he was a keynote speaker.
You can see Kaspersky make the revelation at approximately 27 minutes into the below video.
In a question-and-answer session, following his keynote speech, Eugene Kaspersky says that an engineer friend told him how a Russian nuclear facility – disconnected from the internet – had been “badly infected” by Stuxnet, after the malware had caused damage at Iran’s nuclear facilities in Natanz.
There is no way to independently verify the claim, of course. But it is a fact that Stuxnet managed to infect many computer systems outside of its intended target in Iran. Indeed, the very fact that it spread out of control, was what lead to its discovery by security firms.
If the claim of the Russian nuclear plant infection is true, then it’s easy to imagine how this “collateral damage” could have turned into a very serious incident indeed, with obvious diplomatic repercussions.
Separately in the speech, Kaspersky claims that “all data is stolen… at least twice”.
Perhaps an exaggeration, there… Lets hope so.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.