Report: U.S. and Israel Created Stuxnet Worm to Take Down Iranian Nuclear Operation
In 2010, the Stuxnet worm was first discovered in the wild. After being picked apart by security experts, it was widely believed to be a cyberweapon created by some government agency. The U.S. and Israel were always prime suspects, but a new report this morning in The New York Times confirms those suspicions and even shows the high level of involvement of President Obama in this country’s clandestine cyberwar.
The report is by David E. Sanger, and is adapted from his new book Confront and Conceal. Using highly placed sources within the U.S. intelligence and defense community, Sanger paints a vivid picture of what is regarded as the first use of electronic warfare to cause physical damage to another country.
According to Sanger’s sources, the project — codenamed “Olympic Games” — was begun under the Bush administration. Officials, it seems, were desperate to stop or slow Iranian nuclear enrichment operations, eventually turning to cyberwarfare as the solution. Working closely with their Israeli counterparts, U.S. experts eventually produced the first version of Stuxnet.
Unlike most malware, Stuxnet has a very specific function: Seek out Siemen’s P-1 centrifuges used for the enrichment of nuclear fuel and cause them to physically malfunction. Its primary means of doing so was to either suddenly increase or decrease the speeds at which the centrifuges operate, causing the machinery to eventually fail. It apparently did so with remarkable success, at one point reducing the number of operating centrifuges at Iran’s Natanz enrichment facility from 5,000 to 1,000. All the while, the worm was able to cover its tracks, successfully passing off its mayhem as mechanical failings or human error. From the report:
The first attacks were small, and when the centrifuges began spinning out of control in 2008, the Iranians were mystified about the cause, according to intercepts that the United States later picked up. “The thinking was that the Iranians would blame bad parts, or bad engineering, or just incompetence,” one of the architects of the early attack said.
Though Olympic Games began under Bush, Obama eventually took the reins. According to Sanger’s account, Obama was deeply involved with the progress of the operation — personally authorizing each new step and receiving frequent updates.
The trouble was that Stuxnet eventually found its way out of Natanz, apparently copying itself onto a laptop that was eventually carried outside the facility connected to the Internet. Failing to recognize that it was no longer inside a centrifuge, Stuxnet went on to copy itself across the web, eventually coming to the attention of security experts. According to Sanger, this was because of an error in a new version of the worm. Again, from the NYTimes:
“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”
Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”
While the role of the U.S. and Israel in the origins of Stuxnet is not necessarily surprising, Sanger’s report portrays it as a bit of a tense relationship. It seems that while the U.S. was happy to see the Iranian nuclear effort curtailed, it was extremely concerned about a strike against Iranian nuclear facilities by Israel. Stuxnet, according to Sanger and his sources, was developed to provide a non-military solution to the problem.
Assuming this information is true, it casts events of the past few years in a new light. For instance, some commenters had puzzled over a newfound paranoia within the Department of Defense about cyberwarfare. Officials were insisting that it be made a priority, while security experts and others said that their concerns were exaggerated. While it’s possible that those experts who called for calm were completely correct, perhaps the source of Washington’s paranoia was the fact that we were actively involved with perpetrating these activities on someone else.
Furthermore, the entire drama over the captured RQ-170 drone is cast in a new light. Though bringing down a U.S. drone is a provocative move, Iran sort of insinuated that the country possessed the technology to “hack” the drone and bring it down in one piece. Once in their possession, Iranian officials announced that they had successfully extracted data from the drone. Perhaps this was meant to demonstrate to U.S. observers what Iran’s homegrown hackers could do.
Iran has also begun taking steps to lock down its electronic infrastructure, leading to rumors that the Iranian government intends to isolate the country from the web. Stuxnet, and perhaps other intrusions, are no doubt the reason the country has begun taking country-wide digital security seriously.
If accurate, Sanger’s report is a remarkable portrait of what could be the beginning of a new kind of warfare. But while his sources have been remarkably forthcoming, it’s hard not to think that they are willing to do so because bigger projects are afoot. After all, with Stuxnet out in the open, the worm is probably old news.
(NYTimes via Techmeme, image of a gas centrifuge via Wikipedia)
- Iran has a functioning railgun, but so what?
- Speaking of secrets, the X-37B should be landing any day now
- A second chinese stealth jet has been spotted
Have a tip we should know? tips@themarysue.com