The timing of the Vacon employees’ arrests by Chinese customs fits within the development period of the Stuxnet malware. The officers would certainly have access to all of Vacon’s records at that location and since it’s a manufacturing facility, that would include specific engineering details of the drives targeted by Stuxnet.

Vacon isn’t the only company involved with Stuxnet that has a Chinese connection. The first genuine digital certificate used by Stuxnet developers was from RealTek Semiconductor Corp., a Taiwanese company which has a subsidiary in (of all places) Suzhou under the name Realsil Microelectronics, Inc. (450 Shenhu Road, Suzhou Industrial Park, Suzhou 215021 Jiangsu Province, China)…

On April 13, 2010, Beijing reiterated its opposition to Iran’s goal to develop nuclear weapons capabilities while stating that sanctions against Iran would be counter-productive. In other words, the PRC wanted to support its third largest supplier of oil (after Saudi Arabia and Angola) while at the same time seeking ways to get Iran to stop its uranium fuel enrichment program. What better way to accomplish that goal than by covertly creating a virus that will sabotage Natanz’ centerfuges in a way that simulates mechanical failure while overtly supporting the Iranian government by opposing sanctions pushed by the U.S. It’s both simple and elegant. Even if the worm was discovered before it accomplished its mission, who would blame China, Iran’s strongest ally, when the most obvious culprits would be Israel and the U.S.?