stuxnet

Some say the Stuxnet virus is targeted at Iran nuclear, but from chart below(from wikipedia http://en.wikipedia.org/wiki/Stuxnet), we can see that China has the most targets infected…

Country	Infected Computers
China	6,000,000 (October 1)
Iran	30,000
Indonesia	13,336
India	6,552
United States	2,913
Australia	2,436
Britain	1,038
Malaysia	1,013
Pakistan	993
Germany	5 (September)

This reminds me of the malfunction of subway line 10 in Beijing on Sep 30th, the line 10 subway control system uses the Siemens system(I can see the big Siemens logo on the yellow subway device between the rails), here is an article about Stuxnet http://www.symantec.com/connect/zh-hans/blogs/stuxnet-1 from Livian Ge in Symantec.

According to the information on internet, Stuxnet should not be called a normal virus to us, ’cause it causes no damage to us(normal pc users), it uses C, C++ in Windows host(wrapper of .dll in Step 7 dev environment), and MC7(machine code injection) on target env, mainly to control and steal infomation from industrial programs in PLC used in Siemens devices(widely used in daily industrial infrastructures, like subway, power plant, etc.).  It is so complicated and big(half megabyte), can also be updated via peer to peer, which means internet update is not used, it relies on usb drives to spread and update.

So who has the knowledge and energy to build such a “tool” and what is the purpose?