Stuxnet, Israel and the US behind the Virus: “It Was Created by Us; It Got out of Hand”
Published in La Repubblica
(Italy) on 2 June 2012
by Tiziano Toniutti (link to original)
The code was developed to counter the Iranian nuclear program. But a modification that was not perfectly programmed was introduced by the Tel Aviv government and has made the worm capable of replicating itself on machines outside the core target. Obama played a key role in the operation called “Olympic Games,” which began in the Bush era.
It’s a classic scene of spies and countries at war – even if only in data circuits – one that involves the U.S., Israel and Iran in the Stuxnet virus affair, one of the most powerful cyberweapons ever developed, now consigned to history. The development and spread of the worm called “Olympic Games” began under the George W. Bush administration and continued, more vigorously than ever, under President Obama. The New York Times was the one to lift the veil on this cyberwar launched by the U.S., which is being reported on following 18 months of interviews with the U.S., European and Israeli sources who were involved in the program, as well as some interviews with experts from sectors outside the operation.
A Virus against Iran
The objective of Stuxnet was to disable key elements of central Iran’s uranium enrichment systems. Stuxnet was to achieve this goal in such a way that the systems would not reveal the errors. It was a twofold operation: First, defuse the nuclear threat of the Ahmadinejad regime. Secondly – and this was fundamental for the U.S. -- remove reasons for Israel to attack Iranian sites. According to accounts obtained from military personnel by The New York Times, it was actually Tel Aviv that wanted to strengthen the virus and make it able to propagate itself more easily. Perhaps too easily, as an infected laptop in central Natanz was then able to send the pirate code out from the affected systems, provoking major disruptions of other networks, which were absolutely not targets of the operation.
Obama Followed in Bush's Footsteps
Operation “Olympic Games” did not cease with President Bush’s departure. Rather, Obama increased the U.S. reliance on cyberweapons, secretly ordering a growing number of cyberattacks against the operating systems of the main Iranian nuclear sites. In a White House meeting held a few days after the virus’s “escape,” Obama, Vice President Joseph Biden and then-CIA chief Leon Panetta evaluated the repercussions of the incident, particularly on American operations intended to slow down Tehran's nuclear development program. Obama indicated that he was dubious about continuing the operation: “Should we end it here?”* asked the president. But, upon learning that it was not clear how much Iran had discovered about the Stuxnet code and in the face of evidence that the virus was still working, Obama decided to continue the cyberwar.
Operation Party Pooper
According to the accounts, the only way to persuade Israel not to attack Iran militarily was with the success of the computer operation. To this end, the National Security Agency worked closely with a group of Israeli intelligence experts on cyber weapons, Unit 8200. Stuxnet – originally called “the bug” -- is the product of collaboration between those two entities. To test it, the NSA used Iranian nuclear technology recovered from Libya, effectively recreating a little Natanz in central Tennessee, unbeknownst to its operators. The virus worked and was, among other things, the first cyberattack that did not limit itself to stealing data or blocking software operations. Instead, it destroyed the turbine of a centrifuge by forcing it to spin at an unsustainable rate.
Virus Escapes
Once the test was completed, the phase of infiltration and infection of the machines began. It lasted several months and was conducted at a grassroots level, even using unwitting accomplices and infected USB sticks, followed by contagion, the discouragement of Iranian engineers and the firing of several central figures. Stuxnet proved itself to be highly deceptive and very good at sabotaging the centrifuges while simultaneously sending signals that all systems were operating smoothly.
But Unit 8200 may have gone too far, according to reports from those present in Obama and Biden’s situation room: They went far enough to impair the operation, since later versions of Stuxnet became overly aggressive and were unable to recognize their environments. The virus should never have left Natanz. Once it got to the Internet, which probably happened via an infected laptop, it started to spread. Obama was heard saying, “We have lost control of the virus.”** From that point on, the virus’s detection by various global monitors and its continuous disposal -- even in the days immediately following the attacks in Natanz -- intensified. The Iranian site was hit by an updated version of Stuxnet; an attack by yet another updated version immediately followed. The last attack took nearly 1,000 of the 5,000 structures used by Tehran temporarily out of service.
* Editor's note: This quotation, accurately translated, could not be verified.
** Editor's note: This quotation, accurately translated, could not be verified.
It’s a classic scene of spies and countries at war – even if only in data circuits – one that involves the U.S., Israel and Iran in the Stuxnet virus affair, one of the most powerful cyberweapons ever developed, now consigned to history. The development and spread of the worm called “Olympic Games” began under the George W. Bush administration and continued, more vigorously than ever, under President Obama. The New York Times was the one to lift the veil on this cyberwar launched by the U.S., which is being reported on following 18 months of interviews with the U.S., European and Israeli sources who were involved in the program, as well as some interviews with experts from sectors outside the operation.
A Virus against Iran
The objective of Stuxnet was to disable key elements of central Iran’s uranium enrichment systems. Stuxnet was to achieve this goal in such a way that the systems would not reveal the errors. It was a twofold operation: First, defuse the nuclear threat of the Ahmadinejad regime. Secondly – and this was fundamental for the U.S. -- remove reasons for Israel to attack Iranian sites. According to accounts obtained from military personnel by The New York Times, it was actually Tel Aviv that wanted to strengthen the virus and make it able to propagate itself more easily. Perhaps too easily, as an infected laptop in central Natanz was then able to send the pirate code out from the affected systems, provoking major disruptions of other networks, which were absolutely not targets of the operation.
Obama Followed in Bush's Footsteps
Operation “Olympic Games” did not cease with President Bush’s departure. Rather, Obama increased the U.S. reliance on cyberweapons, secretly ordering a growing number of cyberattacks against the operating systems of the main Iranian nuclear sites. In a White House meeting held a few days after the virus’s “escape,” Obama, Vice President Joseph Biden and then-CIA chief Leon Panetta evaluated the repercussions of the incident, particularly on American operations intended to slow down Tehran's nuclear development program. Obama indicated that he was dubious about continuing the operation: “Should we end it here?”* asked the president. But, upon learning that it was not clear how much Iran had discovered about the Stuxnet code and in the face of evidence that the virus was still working, Obama decided to continue the cyberwar.
Operation Party Pooper
According to the accounts, the only way to persuade Israel not to attack Iran militarily was with the success of the computer operation. To this end, the National Security Agency worked closely with a group of Israeli intelligence experts on cyber weapons, Unit 8200. Stuxnet – originally called “the bug” -- is the product of collaboration between those two entities. To test it, the NSA used Iranian nuclear technology recovered from Libya, effectively recreating a little Natanz in central Tennessee, unbeknownst to its operators. The virus worked and was, among other things, the first cyberattack that did not limit itself to stealing data or blocking software operations. Instead, it destroyed the turbine of a centrifuge by forcing it to spin at an unsustainable rate.
Virus Escapes
Once the test was completed, the phase of infiltration and infection of the machines began. It lasted several months and was conducted at a grassroots level, even using unwitting accomplices and infected USB sticks, followed by contagion, the discouragement of Iranian engineers and the firing of several central figures. Stuxnet proved itself to be highly deceptive and very good at sabotaging the centrifuges while simultaneously sending signals that all systems were operating smoothly.
But Unit 8200 may have gone too far, according to reports from those present in Obama and Biden’s situation room: They went far enough to impair the operation, since later versions of Stuxnet became overly aggressive and were unable to recognize their environments. The virus should never have left Natanz. Once it got to the Internet, which probably happened via an infected laptop, it started to spread. Obama was heard saying, “We have lost control of the virus.”** From that point on, the virus’s detection by various global monitors and its continuous disposal -- even in the days immediately following the attacks in Natanz -- intensified. The Iranian site was hit by an updated version of Stuxnet; an attack by yet another updated version immediately followed. The last attack took nearly 1,000 of the 5,000 structures used by Tehran temporarily out of service.
* Editor's note: This quotation, accurately translated, could not be verified.
** Editor's note: This quotation, accurately translated, could not be verified.