Threat Management, Security Strategy, Plan, Budget

U.S., Israel revealed as Stuxnet authors

According to today's New York Times, the United States and Israel were behind the Stuxnet virus. While the U.S. government has admitted to developing cyber weapons, this would be the first time an admission has been forthcoming in using them. 

The virus spread in 2010 via Microsoft Windows with a highly specialized malware payload to target Siemens supervisory control and data acquisition (SCADA) systems, particularly within Iran's nuclear power plants.

The computer code used in the attack has been thoroughly studied, but previous to today's report, its developers were unknown, though the U.S. and Israel were suspected. Quoting anonymous sources who reportedly worked on the project, dubbed Olympic Games, the Times article revealed that the National Security Agency, working with Unit 8200, a part of Israel's military, developed the worm to sabotage Iran's nuclear program.

While Iran has repeatedly claimed the intention of its nuclear program was to provide power, suspicions that it was actually attempting to develop nuclear weapons was rampant within the governments of the U.S. and Israel.

Citing a book by reporter David Sanger, Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power, which will be released by Crown on Tuesday, the Times reported that the sabotage strategy began in 2006 under the administration of George W. Bush as an alternative to a military strike and because imposing sanctions on Iran was thought to be having undesirable economic consequences among allies.

Once the code was written, to test its effectiveness the United States recreated the centrifuges Iran used, an older model that Iran had purchased on the black market from Pakistan's nuclear chief. The U.S. was able to do this because it held in storage some samples of the machinery handed over in 2003 by Libyan ruler Col. Muammar el-Qaddafi when he gave up his nation's nuclear program.

By the time President Bush left office, the virus had little effect in Iran, but the program was passed on to incoming President Obama who was strongly urged to continue the program. He gave the go-ahead and the attacks continued, according to the Times.

“The Middle East has always been a political hot spot so it is not a shock to hear that governments are spying on each other in that region and that some of their methods may include cyber attacks or data breaches," Harry Sverdlove, CTO at Waltham, Mass.-based Bit9, told SCMagazine.com on Friday. "To me, the shocking part is the revelation in the media by the participants that the U.S. government and the office of the President were directly involved in authorizing the Stuxnet attack. You never hear China or any other nation admit to their spying or cyber activity. It concerns me that this information is being reported as almost 'official' and it just sets the stage for cyber warfare."

Sverdlove added that Flame, which has been around for almost two years and has been credited with attacks on computers of officials in Iran, is much worse than Stuxnet and is having an impact on many organizations in the Middle East and Africa. "I believe the sophisticated attacks we have seen with Stuxnet and Flame will only continue and this may be the beginning of a cyber arms race. This cyber arms race has a great chance of making its way into the corporate world as the malware is re-used and morphed to steal intellectual property and customer and corporate confidential information.”

Reporter Sanger spent a year-and-a-half interviewing American, European and Israeli officials employed in the Olympic Games program. As the project is highly classified and ongoing, none of those he spoke with were willing to be sourced.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.