(Source: Reuters)
Was attack by U.S. and Israel an act of war? Some think so

It was not a happy meeting for Barack Obama, President of the United States.  At a secret White House meeting with Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, and other top officials, his advisors laid out that the Stuxnet worm had spiralled out of control.  According to members of the President's national security team interviewed by The New York Times he asked, "Should we shut this thing down?"

I. Mission Success? Stuxnet Set Back Iran, Despite Code Leak

But the U.S. didn't shut Stuxnet down.  The worm and its successors would go on to succeed in the core objective programmed into it by the U.S. and Israel -- to sabotage centrifruges originally produced by German equipment maker Siemens AG (ETR:SIE) by causing them to spin too fast and break.

But Iran eventually detected the worm, which had broken 1,000 of its 5,000 nuclear centrifuges at the Nanantz Plant, and quickly rooted it out, minimizing damage.  It also publicly called out the U.S. and Israel for the alleged sabotage attempt, though it reportedly lied, denying that its plants had been damaged.

The U.S. denied knowledge of the worm.  But privately, Obama administration and intelligence officials must have been panicking as the worm infected other Siemens equipment and spread, out of control, worldwide.  Ultimately the source code leaked, offering more implication of the U.S. and Israel, while putting a potentially dangerous cyber superweapon into that hands of rival nation states, terrorist, and malicious for-profit hackers.

Obama, tired
President Obama reportedly secretly authorized and planned the use of several worms to attack Iran's nuclear facilities. [Image Source: Associated Press]

But the allegation of U.S. involvement remained largely unproven.  But a new piece by David E. Sanger of The New York Times has startling vivid accounts of the U.S. true involvement and cites numerous confirmations from government officials that cyber saboteur was indeed crafted by U.S. intelligence and its Israeli counterparts.

II. "Olympic Games" Attacks Began With Bush

According to the articles, the Bush administration began the cyber-attacks on Iraq, code-naming them "Olympic Games".  When President Obama took over he opted to step up the attacks, specifically authorizing the virulent worm that would become known as Stuxnet.

Stuxnet worked remarkably well, but a programming error caused it to spread far outside the narrow trajectory its authors intended.  According to the article when asked whether the worm should be remotely terminated, President Obama decided against pulling plug as his advisors told him it might still be doing damage and that the Iranians might not know that much about it.

Instead they stepped up the program, with two new worm variants, targeting the uranium enrichment centrifuges.  While Iranian enrichment is reportedly ongoing after the worm was removed from the Nanantz Plant's system, the U.S. government is reportedly still targeting Iran with new cyberattacks.

Describes the NYT piece:

This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.

Despite the embarassment of having their secret sabotage effort exposed, Obama administration officials reportedly expressed optimism about the results, saying it set the Iranian nuclear program back 18 months to 2 years.  Independent experts were less optimistic, stating the setback windows would likely be smaller.

Stuxnet source code has been decompiled by Symantec and other researchers.  Versions of the source have even publicly leaked, making them available to hackers. [Image Source: Wired]

Symantec Corp. (SYMC) officials say it was no secret that Stuxnet was created by a nation state actor.  The worm was 50 times the size of a standard worm and equipped with unusual capabilities, like remote deletion.

III. Probing Iran's Dark Net

The U.S. had never before -- to anyone's knowledge -- carried out such a massive cyber-attack against a specific nation-state, which did damage that previously could only have been done by covert agents with bombs or chemical warfare devices.

So why did the Obama administration authorize this unprecedented measure, a measure some will likely say was an unauthorized act of war?  The President felt the nation had no other choice when it came to stopping Iran.  And he felt the effort must be kept secret from Congress and the public to avoid terrorist organizations from using it to justify digital counterattacks -- or that's what he told his staff, at least.

Former President George W. Bush reportedly had similar reasons for launching the program in the first place and keeping it secret.  He was reportedly well aware that his credibility was shot after falsely accusing Iraqi dictator Saddam Hussein of developing nuclear weapons.  And his allies were opposed to steep sanctions against Iran, which could hurt their economies.

Iran recognized his vulnerability.  Iranian President Mahmoud Ahmadinejad led reporters on tours of his nuclear plant and enrichment facilities, trying to publicly claim he had nothing to hide.  But to the Bush administration it appeared that Iran's enrichment capacity was greatly outpacing its fuel needs, so the claims of peaceful infringement seemed highly dubious.  To them Iran was clearly using the publicity stunt as a means of obfuscating the fact that it was stockpiling enriched weapons game uranium for warheads, warheads that could be used to demolish Israel and potentially even be trained at U.S. cities.

Iran nuclear facilities
The attack on the centrifuges was preceded by a worm that mapped Iran's networks.  President Bush authorized these early attacks. [Image Source: CBS]

U.S. Central Intelligence Agency efforts to sabotage parts for the plant, including designing generators that would blow up had little effect.  And with Vice President Dick Cheney pushing the President for yet another decision, President Bush made the decision to explore cyberattacks, a program that would be completed by his successor.

The Bush administration effort start with the planting of a preliminary "beacon" worm that mapped networks and analyzed various devices and circuits, returning the data to the U.S. National Security Agency.  In order to convince Dick Cheney and Israel to lay off plans to physically attack Iran in a pre-emptive strike, President Bush authorized a next generation design dubbed "the bug", whose objective was serious sabotage.

IV. Crossing "the Rubicon"

That worm was developed in secret by the CIA, NSA and Israel’s Unit 8200.  Israel's hackers were reportedly criticals as they were more skilled than their U.S. counterparts and were armed with their nation's deep intelligence of the Nanantz facility.

The U.S. had already bought some of the aging centrifuges that Iran was using -- P-1s from former Libyan dictator Col. Muammar el-Qaddafi.  Iran had purchased llarge number of identical models on the black market from Abdul Qadeer Khan, the Pakistani nuclear chief.

Using their small number of identical centrifuges, they carried out a successful test attack on the centrifuges, with systems set up to resemble those mapped by the "beacon".  Armed with the success, President Bush authorized a real attack on Iranian systems.

Michael V. Hayden, the former chief of the C.I.A., remarked, "Previous cyberattacks had effects limited to other computers.  This is the first attack of a major nature in which a cyberattack was used to effect physical destruction.  Somebody crossed the Rubicon."

CIA Floor
The C.I.A.'s former chief said the attack authorized by President Bush "crossed the Rubicon", opening a new era of warfare. [Image Source: Saul Loeb / AFP / Getty]

It took a while though for covert agents in Iran to spread "the bug" with USB drives.  Comments an official, "It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand."

But in 2008 the first reports of success were reported.  A handful of centrifuges began to blank.  Mystified the Iranians believed they were "cursed" or possibly the result of parts sabotage.  Comment an official based on intercepted communications, "The thinking was that the Iranians would blame bad parts, or bad engineering, or just incompetence."

While the program had not succeeded in large scale destruction of Iranian enrichment when President Bush left office, he urged his successor to preserve the program.  President Obama listened to his advice and did.

The new president was reportedly deeply involved receiving weekly updates and authorizing new attacks.  States one official, "From his first days in office, he was deep into every step in slowing the Iranian program — the diplomacy, the sanctions, every major decision.  And it’s safe to say that whatever other activity might have been under way was no exception to that rule."

The first major setback to the program occurred in 2010 when a portion of code design to make the worm detect its new environment and prevent replication outside the Iranian target vectors failed.  Quickly the worm began to spread worldwide, and receive media attention.  Vice President Biden reportedly fumed blaming the Israelis for the bad code.  He is quoted by an unnamed official as saying, "It’s got to be the Israelis.  They went too far."

V. More Attacks Coming?

While the Obama efforts were almost solely "focused on one country", many administration officials have since called for attacks on other regions like North Korea and possibly China, pending the semi-success of "the bug" and its successors.  States one official, "We’ve considered a lot more attacks than we have gone ahead with."

The real question is whether such attacks could lead to real-world retaliation and loss of life.  The U.S. government only recently admitted to developing cyber-weapons, but it also recently said that cyberattacks that caused physical destruction could be construed as acts of war and retaliated with "equivalent" real-world physical force.  The question is whether the U.S. might soon find itself on the flip side of the equation.

Computer worm
Officials say attacks against North Korea are being considered. [Image Source: TechTear]

Iran, with enrichment continuing despite the setbacks, has created its own military cyberunit, headed by Brig. Gen. Gholamreza Jalali.  Gen. Jalali promised to fight Iran's enemies "cyberspace and Internet warfare".  But the unit, humorously dubbed the Passive Defense Organization has thus far not appeared to have committed any successful attacks on U.S. infrastructure.

Stuxnet is the first of two major embarassments for the Obama administration with regard to Iran.  In December of last year the Iranians succesfully downed a U.S. RQ-170 drone on a C.I.A. mission.  The Iranians have pledged to crack the minimally damaged drone's secrets, rejecting President Obama's demands to return the flier.

Gibson Neuromancer
A new era in warfare has begun. [Image Source: Interplay (cover art for Neuromancer game)]

In his seminal 1984 cyberpunk novel Neuromancer, William Gibson envisioned a world at war, in which internet offensives were used as preludes to physical attack.  Today, more than ever, as the U.S.'s secret attack of Iran is exposed that prediction appears remarkably prescient.

Source: The New York Times

"We’re Apple. We don’t wear suits. We don’t even own suits." -- Apple CEO Steve Jobs

Latest Blog Posts
T-Mobile Data Problems
Saimin Nidarson - Oct 20, 2016, 10:17 AM
IMEX America Trade Show
Saimin Nidarson - Oct 9, 2016, 10:00 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki