Jump to content

Confirmed: US and Israel created Stuxnet, lost control of it


Recommended Posts

  • Administrator

Stuxnet was never meant to propagate in the wild.

Posted Image

The new account is unlikely to alter Iran's view of the US, seen here in a mural on the old US embassy in Tehran

In 2011, the US government rolled out its "International Strategy for Cyberspace," which reminded us that "interconnected networks link nations more closely, so an attack on one nation’s networks may have impact far beyond its borders." An in-depth report today from the New York Times confirms the truth of that statement as it finally lays bare the history and development of the Stuxnet virus—and how it accidentally escaped from the Iranian nuclear facility that was its target.

The article is adapted from journalist David Sanger's forthcoming book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, and it confirms that both the US and Israeli governments developed and deployed Stuxnet. The goal of the worm was to break Iranian nuclear centrifuge equipment by issuing specific commands to the industrial control hardware responsible for their spin rate. By doing so, both governments hoped to set back the Iranian research program—and the US hoped to keep Israel from launching a pre-emptive military attack.

The code was only supposed to work within Iran's Natanz refining facility, which was air-gapped from outside networks and thus difficult to penetrate. But computers and memory cards could be carried between the public Internet and the private Natanz network, and a preliminary bit of "beacon" code was used to map out all the network connections within the plant and report them back to the NSA.

That program, first authorized by George W. Bush, worked well enough to provide a digital map of Natanz and its industrial control hardware. Soon, US national labs were testing different bits of the plan to sabotage Natanz (apparently without knowing what the work was for) using similar centrifuges that had come from Libya's Qadaffi regime. When the coders found the right sets of commands to literally shake the centrifuges apart, they knew that Stuxnet could work.

When ready, Stuxnet was introduced to Natanz, perhaps by a double agent.

Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others—both spies and unwitting accomplices—with physical access to the plant. “That was our holy grail,” one of the architects of the plan said. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.”

In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.

When Barack Obama came to office, he continued the program—called "Olympic Games"—which unpredictably disabled bits of the Natanz plant even as it told controllers that everything was normal. But in 2010, Stuxnet escaped Natanz, probably on someone's laptop; once connected to the outside Internet, it did what it was designed not to do: spread in public. The blame game began about who had slipped up in the coding.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

Once released more widely, the Stuxnet code was found and then disassembled by security researchers.

Please don't follow our example

As the International Strategy for Cyberspace notes, these sorts of electronic attacks are serious business. The US in fact reserves the right to use even military force to respond to similar attacks. "All states possess an inherent right to self-defense, and we recognize that certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners," says the report. "We reserve the right to use all necessary means—diplomatic, informational, military, and economic—as appropriate and consistent with applicable international law."

Yet the US had just gone on the cyber-attack, and everyone knew it. Speculation has long swirled around government-backed hackers from nations like China and Russia, especially, who have been suspected of involvement in espionage, industrial trade secret theft, and much else. Would something like Stuxnet damage US credibility when it complained about such attacks? (China has long adopted the "you do it too!" defense on Internet issues, especially when it comes to censoring and filtering of Internet content.)

Obama was at least aware of the likely answer—yes—but pressed ahead, even accelerating the Olympic Games program.

[Obama] repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons—even under the most careful and limited circumstances—could enable other countries, terrorists or hackers to justify their own attacks. “We discussed the irony, more than once,” one of his aides said.

Stuxnet is old news by now. Even the newly discovered "Flame" malware was developed some time ago. While details about these two targeted attack packages are finally emerging, the next generation of attack tools has no doubt been developed and likely deployed.

:view: View: Original Article

Link to comment
Share on other sites

  • Replies 8
  • Views 1.8k
  • Created
  • Last Reply

Everyone knowed who created but its bs that they lost control of it! They lying as always!

Link to comment
Share on other sites


Obama ordered wave of cyberattacks on Iran

President Barack Obama ordered a secret wave of sophisticated computer attacks on Iranian nuclear enrichment facilities, according to the New York Times.

Obama decided to accelerate the program, begun under the Bush administration and code-named "Olympic Games," even after the some of the code of computer worm used in the cyberattacks was revealed on the Internet, the Times reported today.

[Related: Who's behind the super cyber spy tool 'Flame'?]

"Olympic Games" was a joint venture between the U.S. and Israel designed to take down the Iranian nuclear program using the worm dubbed Stuxnet, the story indicated.

When an error accidentally allowed Stuxnet to "escape" Iran's Natanz plant, Obama and his team convened to discuss the situation as described in the story:

Should we shut this thing down?" Mr. Obama asked, according to members of the president's national security team who were in the room.

Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.

Obama's decision in the early months of his presidency to push the attacks marked America's first sustained use of cyberweapons, and it resulted in physical damage to Iran's Natanz plant, according the piece.

[Original article]

Link to comment
Share on other sites


Fascinating indeed and sounds like a good movie script! :D

... but it`s not a movie script - it`s pure and cruel reality -> for those guys internet privacy it`s good joke !

Link to comment
Share on other sites

This is something shit about them lately, pretty dumb i would say.

Link to comment
Share on other sites

good example of why in critical corporate networks (of any kind) use of thumb drives should be restricted. for windows (tho i doubt they would be using windows servers in such critical places as nuclear plants, there could be windows based desktops/workstations) there's a very simple reg hack to do it and only people with administrator level would be able to disable or modify it. dunno about *nux but there should hopefully be something similar available, right?

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...