I passed the story on to a couple of experts I know. The first one is an OS expert and he found the story creditable except that the journalist doesn't know what a 'zero day attack' is and that the anagrams are ridiculus. The second one works in data security and backup. He knew about Stuxnet but not this story. He found it plausible.
My problem is the route of infection. If that had an 'air gap' to protect the system why did they allow memory sicks? The few outbreaks of malware we've had on campus were caused by infected memory sticks not by anything getting past the firewall (actually malware hasn't been seen here for years - fingers crossed). A friend works for Geoscience Australia and memory sticks are banned there. I believe they are actually locked out of the system (would that be at BIOS or OS level?). Anyway allowing memory sticks on site in a place where they are so careful is amateurish to say the least.
Could it be that Stuxnet is real but the story if a fake to sow confusion in Iran's nuclear program??
