[Originally published to Enformable.com]
On June 1st of this year the New York Times reported that President Obama himself participated in the "Stuxnet" cyberattack against Iran's nuclear ambitions, beginning very shortly after he took over the executive reins of the U.S. government from ex-President George W. Bush. It was under Bush that American and Israeli intelligence agencies got together on the project, code named Olympic Games.
The Times article set off a wave of criticism, leading to the June 5th announcement from the Senate Armed Services Committee that closed hearings will be held to examine the apparent authorized release of classified information that Senators John McCain and Saxby Chambliss claim has damaged U.S. national security. McCain further charged that the revelations were designed "to enhance President Obama's image as a tough guy for the elections."
Why the Senate suddenly believes that a POTUS cannot release classified information when he sees fit is a mystery, as under the last administration the Vice President of the United States leaked the classified identity of a covert CIA counterproliferation agent to the New York Times (which duly reported the information) as a way to publicly punish that agent's ambassador husband for debunking an aspect of the Bush administration's excuse for invading Iraq. As reported at the time, Vice President Dick Cheney maintained that he had the power to declassify government secrets at will by virtue of an executive order issued by Bush. The Senate apparently believed that at the time, so it's difficult to pinpoint why things should be any different now. Thus it is doubtful that release of purportedly 'classified' information about either the commando raid last year that killed Osama bin Laden in Pakistan, or past and present White House involvement in developing and deploying the Stuxnet computer worm can constitute a breach of executive power.
Administrations have a long and storied history of using the press as a tool of propaganda to advance policies and positions, as well as for planting carefully crafted lies that may affect relations with other nations. The press both here and abroad has been more than willing to do its part, as exemplified by the recent Wall Street Journal revelation that Matsutaro Shoriki, head of the Yomiuri Shimbun, had worked closely with the CIA to promote nuclear power in Japan back in the 1950s…
Mr. Shoriki was many things: a Class A war criminal, the head of the Yomiuri Shimbun (Japan’s biggest-selling and most influential newspaper) and the founder of both the country’s first commercial broadcaster and the Tokyo Giants baseball team. Less well known, according to Mr. Arima, was that the media mogul worked with the CIA to promote nuclear power.
Apparently, Obama's admission that the U.S. government was responsible along with Israel for the Stuxnet worm has some in the Senate very upset. That could come down to questions of liability for damage once the worm escaped in the summer of 2010. It might have to do with the danger that Iran's new cyberwarfare initiative (in response to Stuxnet) could present. Or it might come down to concerns that could be raised about the U.S. strategic relationship with Israel highlighted by the Olympic Games project. The Times article provides details from a number of attendees of a tense Situation Room meeting just days after the worm escaped from Iran's Natanz uranium enrichment plant to infect computers worldwide via the internet…
An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users. “We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.” Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”
Obama decided at that meeting to keep going with the Olympic Games operation, and over the next weeks the Natanz plant was hit by newer versions of the worm, eventually destroying nearly 1,000 of 5,000 centrifuges (or closer to 2,000 centrifuges, depending on who you ask). Meanwhile, internet computer sleuths and security experts were busy cracking the Stuxnet code, and quickly discovered its nature, target and likely origins. The above-mentioned Yomiuri Shimbun reported in October of 2010 that the worm, designed to infect German energy giant Siemens' widely used energy industry computer control and monitoring software [Simatic WinCC Step7], had been confirmed to have infected at least 63 computers in Japan. By January of 2011 the IAEA was hot on the case, as Reuters reported serious concerns about nuclear plant safety…
Russia has urged NATO to investigate last year's Stuxnet attack on the Russian-built Bushehr nuclear plant in Iran, saying it could have triggered a disaster on the scale of the Chernobyl reactor explosion in Ukraine in 1986. "Stuxnet, or cyber attack as a whole, could be quite detrimental to the safety of nuclear facilities and operations," [IAEA director general Yukiya] Amano, a soft-spoken veteran Japanese diplomat, said in an interview in his 28th-floor office in Vienna. He acknowledged the IAEA had only limited knowledge about the computer worm, which some experts have described as a first-of-its-kind guided cyber missile.
The original Stuxnet worm was so targeted that it took industrial control system PLC [Programmable Logic Controller] engineers in Germany with extensive knowledge of Siemens' products to crack the "what does Stuxnet do?" question posted by the Symantec crew on their blog. It only took them three weeks to conclude that the worm had been created to target a single facility, rather than to silently wreak havoc in any industrial control system it infected…
"I was expecting some dumb DoS type of attack against any Siemens PLC," Langner later recalled. "So this was absolutely freaking. To see that somebody built such a sophisticated piece of malware - using four zero-day vulnerabilities, using two stolen certificates - to attack one single installation? That's unbelievable."
One of the German engineers, Ralph Langner, pinpointed the Iranian nuclear power plant at Bushehr as the target, not the now admitted (by Obama administration spokespersons) target of the centrifuge array at Iran's Natanz uranium enrichment plant. Nuclear power plants, even in Iran, do not do on-site uranium enrichment or fuel fabrication. It is unclear whether this finding reflects changes to the program added by the Israeli end of Olympic Games, but that does seem likely. The "call home" aspect of the worm once it managed to infect a system meant that those on the receiving end could override the specificity of the original targeting if they so desired, and insert commands designed to take control of physical systems and monitoring at ANY facility the worm infiltrated.
It seems apparent in the NYTimes article that there came a point in the game where the Americans 'lost control' to their partners in Israel, who had their own plans and goals for using the powerful weapon they'd helped to create. This would help to explain IAEA director general Yukiya Amano's statement in early 2011 that the Stuxnet worm posed a threat to the safety of nuclear facilities in general and mentioning Bushehr in particular while saying nothing about the Natanz site.
As can be seen from the very excellent Wired article about cracking and tracking the Stuxnet worm, the computer systems security experts quickly surmised from the sophistication and specificity of the malware they were examining that they had stumbled upon some kind of super-secret state-sponsored cyberweapon. In fact, the Symantec investigators tracked file names embedded in the code that indicated Israel's involvement. Given Israel's involvement, it was a short leap of logic to surmise that U.S. clandestine agencies were likely involved as well. Still, their professional loyalties were to their customers scattered all over the world, so they published their results anyway…
Although the researchers didn't really believe their lives were at risk for exposing Stuxnet, they laughed nervously as they recalled the paranoia and dark humor that crept into their conversations at the time. O Murchu began noticing weird clicking noises on his phone, and one Friday told Chien and Falliere, "If I turn up dead and I committed suicide on Monday, I just want to tell you guys, I'm not suicidal." The day news of the assassination plots broke, Chien joked to his colleagues that if a motorcycle ever pulled alongside his car, he'd take out the driver with a quick swerve of his wheels. When he left work that day and stopped at the first intersection, he was shaken - just for a moment - as he glanced in the rear-view mirror and saw a motorcycle pull up behind him.
In the end, the researchers discovered that there was an ending date embedded in the Stuxnet code, reminiscent of the "countdown" embedding discovered by Jeff Goldblum's character in the movie Independence Day. The worm was programmed to go dormant on June 24, 2012. Thus it would seem that given the computer security world's now-common knowledge of the Stuxnet worm, their success in devising and distributing protections against it, their reverse engineering discoveries fairly pinpointing the responsible parties (Israel and the U.S.), and the self-termination code dated for later this month, bent noses in the U.S. Senate amount to a tempest in a teapot.
The truly important revelation in all this - the one that does speak loudly to the vulnerability of both computer-dependent national infrastructure and Fukushima-demonstrated dangers of reliance upon nuclear power generation - is that the Stuxnet worm is just the first wave of a whole new type of security challenge in the modern world, one that should inform us in no uncertain terms that earthquakes and tsunamis, "operator error" and lousy design/engineering are not the only threats we face. One thing has not changed in the past ~60 years: nuclear technology is as much a desirable target of enemies as it is a desirable perk of power. The danger to populations and territory that we now know nuclear disasters present is reason enough to re-think our energy commitments for the future.