Inside the Stuxnet story

Israel Tested Stuxnet Worm with US Cooperation, Says NY Times
by Tzvi Ben Gedalyahu, INN

Israel, with cooperation from the United States, reconstructed Iran’s centrifuges in Dimona, where it tested the Stuxnet worm that has set back Iran’s nuclear program at least five years, The New York Times reported Sunday. The wildly successful virus attack has virtually achieved the same time delay as those envisioned by various scenarios of military attacks.

The clandestine operation at the nuclear center in southern Israel began at least two years ago and has severely affected Iran’s uranium enrichment program far more than previously reported, the article stated, based on various sources from Israel, the United States and Britain.

One American intelligence expert told the Times, “To check out the worm, you have to know the machines. The reason the worm has been effective is that the Israelis tried it out.” Then-President George W. Bush gave the go-ahead for US-Israel cooperation for the project in 2008, sources said.

Israel apparently obtained the centrifuges used in uranium-enriching plants in Iran and successfully tested the Stuxnet virus. The worm is the most advanced Cybernet weapon ever known. It not only knocked Iran’s spinning centrifuges out of control, it also arranged that the computer feedback to engineers showed that everything was running as normal.

The success of the lethal worm appears to be far greater than previously estimated. “Israeli officials grin widely when asked about its effects,” the Times reported.

Surprising statements in the past two weeks by American and Israeli officials have offered clear indications of the Israeli-American achievement. U.S. Secretary of State Hillary Clinton said that Iran’s nuclear program has been set back several years, ostensibly because of America-backed sanctions.

Outgoing Mossad intelligence agency director Meir Dagan and Strategic Affairs Minister Moshe Yaalon said Iran’s technical problems at its nuclear sites have pushed back the time clock for an Iranian nuclear weapon at least until 2015.

By that time, Iran’s struggling economy, marked by spiraling inflation, could undermine the regime of Iranian President Mahmoud Ahmadinejad.

Stuxnet Virus ‘Warheads” Could Knock Out Iran’s Utility Systems

by David Lev
Follow Israel news on Twitter and Facebook.

A secret report by the International Atomic Energy Agency leaked on Tuesday said that Iran had been forced to suspend activity on enriching uranium, because of “technical problems” that have surfaced in thousands of centrifuges at its Natanz nuclear reactor.

The centrifuges, which are used in the enrichment project, were taken out of service, with the entire enrichment project there on hold, the report said – indicating, observers said, that Iran’s problems with the particularly malignant Stuxnet computer virus were not yet over.

A weekend article in The New York Times quoted German security expert Ralph Langer as saying that the Stuxnet virus, which he identified in September as the worm that has caused major problems at Iran’s Bushehr nuclear plant, was still alive and well, despite Iranian denials. But instead of just disabling centrifuges, the virus can also “confuse” frequency convertors that control all sorts of mechanical and industrial processes, Langer wrote – giving Stuxnet not one, but two “warheads” that could cause severe damage to infrastructure, including water, gas and electric systems.

The virus is also far more virulent than had been thought, Langer said; it was designed to attack control systems manufactured by Germany’s Siemens, which are in use in infrastructure throughout the world. The Times article quoted a U.S. security expert who said that “computer security organizations were not adequately conveying the potential for serious industrial sabotage that Stuxnet foretells,” implying that many of the world’s power plants, water facilities, and other basic infrastructure that are dependent on automated control systems, are at serious risk.

But while that is possible, says Israeli security expert Rafael Sutnick, there seemed to be little likelihood that Stuxnet would “leak out” to other facilities, based on what we know about it so far.

“Whoever unleashed it on Iran seems to have a tight rein on it,” Sutnick said. “So far, Iran is the only place we’ve seen the virus active, indicating that it was a specific target and did not reach the country’s computer network by chance or accident. Whoever designed this knew what they were doing, and the experts who have analyzed the code say that years of work went into designing it. So I don’t see it disabling infrastructure randomly.”

His comments again raise the question of just who might have produced the virus. Already in September, experts were saying that Stuxnet appeared to have been far too sophisticated to have been designed by amateur hackers, and the latest information published by Langer seems to confirm this. Which brings around what has become a perennial question in the Stuxnet saga: If Iran, as Sutnick and other experts say, is being deliberately targeted, does that mean that Israeli experts designed the virus?

“No one knows, and no one will probably ever know,” says Sutnick. “It’s interesting that the IAEA report mentions the Natanz facility as having been compromised. Natanz was built eight meters underground and was topped with dozens of meters of reinforced concrete and earth in 2004, in anticipation of a possible attack by Israeli or American ‘bunker buster’ bombs.

“In other words, Natanz was designed to be the most secure Iranian nuclear site – but it has proven to be as vulnerable as an open computer network, apparently.” Whether Israel was behind the attack is impossible to know, he said – but there’s no doubt that the IAEA report has made Israelis happy.

January 16, 2011 | 13 Comments »

Subscribe to Israpundit Daily Digest

Leave a Reply

13 Comments / 13 Comments

  1. At the end of the day, not having access to the requisite intel, I’m not sure who did this.

    My gut hunch – my VERY STRONG gut hunch – is that this was an Israeli project from beginning to end. The U.S. had nothing to do with this.

    First, when it comes to Israel, among other issues (e.g, man-made global warming), but especially Israel, the press lies like mad.

    Second, I’m surprised that Yamit would claim that Israel does not have this technology. Israel is the country that:

    – Invented the cell phone.

    – Invented wi-fi.

    – Produces the best AWACS in the world (Phalcon), bar none.

    – Invented anti-viral software.

    – Has such advanced on-board ECM systems on fighter aircraft, that the F-15s that hit that Syrian reactor in ’07 went in TOTALLY UNDETECTED, I understand. Effectively, complete stealth without the super-expensive, funny-looking airframe. Only problem with using conventional ECM instead of the expensive airframe is that for the ECM to work, you must have all the relevant frequencies of the enemy systems in advance; a very thorough ELINT is required that is unnecessary for “stealth” airframes. But hey, it sure worked, didn’t it? And for lots cheaper than F-22s or F-35s….

    I’m sure Yamit could come up with many more such examples.

    I think the country that could do all that, could come up with Stuxnet. Especially given the urgency of the problem to be dealt with.

    There was urgency in the U.S, too. Our Arab “allies” were screaming bloody murder over Iran’s nuke program, per Wikileaks (but precisely because of Wikileaks, I tend to doubt the U.S. could have kept their end of this secret, if they had an end in this). And, we sure needed a way to keep Israel from “pulling the trigger” and touching off a nasty war.

    But there was “urgency” in the other direction, too. Obama likes very much to keep the prospect of Iranian nukes hanging over Israel’s head, all the better to coerce them into caving into the Palestinians….He also likes the idea of Iran forcing the Sunni Arab world into dependency on the U.S. for defense. Sure made for a nice arms deal with the Saudis…

    I am incredulous that this same president who did not lift a finger to help Iranian pro-democracy activists – so far as is known publicly, anyway – would take such an aggressive action as this. This, the “apology tour” president, who is solidly cut from an ideological mould that blames everything on the U.S., that says he must “make the U.S. safe for the world”, rather than the world safe for the U.S. and her allies. To him and his ilk, Iran is just another well-deserved “blowback” for our arrogant and stupid imperialistic policies going back decades.

    BUT….Obama’s domestic agenda is in trouble. He’s got this ferocious Congress to deal with all of a sudden. The poor unwashed masses who were supposed to welcome his program with open arms have proven to be far more reactionary than anticipated, and so, it will take a lot longer to achieve his intended policy goals than he thought.

    THUS…He HAS to get re-elected. And, for now, he isn’t going to score many brownie points in that direction, by, among other things, alienating Israel and more importantly, her many domestic supporters here. This last election cycle, Democratic fundrasing stank on ice…Republicans were positively RAKING it in…Jews have turned against Obama over Israel in droves (he thought they didn’t care; boy was he ever wrong about that; they may not have that many votes in absolute terms, but they had traditionally been BIG donaters to the Dems, but because of him they were and are PISSED)…CONNECT THE DOTS.

    SO, time for the shiny new 2011 edition of Obama…the one that works hand-in-glove with our staunch ally, Israel, to make sure those nasty Iranians don’t get nukes. See everybody, we [Israel and the U.S.] are still good buddies. America under Obama is standing shoulder-to-shoulder with the Good Guys against the Bad Guys, the lunatics aren’t running the asylum after all. So, between that and printing a bunch more money for some phony short-term “prosperity”…how about giving him another chance, eh?

    Bottom line, I don’t trust Obama, and I sure don’t trust the media, especially the NYT. I smell a rat. A rat as big as a cat.

    Israel confounds her enemies again. That is the real deal with Stuxnet, I strongly suspect.

    Bravo, Israel.

  2. The only thing we can really be sure of is that Obama had absolutely nothing to do with this.He would never take warlike action against the Islamic Republic of Iran. He prefers to continue his two years of failed negotiations forever.In fact he would likelyturn down such a request because if revealed, it would kill his FANTASY chance of negotiation.

    Even more reasons Obma would never support this: It would really tick of the radical left and unite world muSLIMES agains the U.S> to an even greater degree, also would use the Gitmo canard…”this Cyber attack on a MUSLIME country would be the poster child for recruiting terrorists!

    USA now has weak knee Generals who cowtow to “Commander” Obama, they even threatened toshoot Israeli jets down on the way to Iran!!!The US was not involved in any or in any significant way!!!

    Ahminimidget’s interest in saying it was an American- Israeli project is to make it look like the BIG Satan and the Little satan (his words0 are conspiring against poor Iran

    Also doesn’t want it to appear to the muSLIME Street that Israel alone could disable Iran’s long, expensive Nuke program without firing a shot…he muuch rather tell the people that the USA Superpower helped create Iran’s problem…the country could buy that, they could not buy ISRAEL brought the program down.

  3. I have been puzzled for quite some time, wondering why Israel hadn,t already taken out Iran’s nuclear facilities. I don’t know who developed the worm, but THANK YOU to whomever!!!

  4. According to an article in the New York Times by Wm. Broad, John Markoff, and David Sanger, both the US and Israel were very much involved–probably THE involved parties–in Stuxnet. I will copy from and paraphrase their article as it appeared in my local paper below.

    The reporters say that in early 2008 the German company Siemens cooperated with the United States Dept. of Energy at the Idaho National Laboratory to identify the vulnerabilities of controller machines that Siemens sells around the world. Specifically, the Idaho laboratory studied the PCS-7, or Siemens Process Control System 7. In January 2009 Bush authorized a covert program to undermine electrical and computer systems around Natanz. In April 2009 111 boxes headed for Iran from the port of Dubai, according to Wikileaks, may have contained controller machines.

    In June 2009 Stuxnet began appearing primarily in Iran, but also in India, Indonesia, and other countries. But it didn’t seem to be doing much harm. It seemed to be designed to hurt only a certain configuration of machines, such as those found in a centrifuge plant.

    Ralph Langner, a German independent security expert, was one of first to decode Stuxnet. He says it works in two ways: it causes centrifuges of the type used by Iran to spin wildly out of control, but it pre-records normal operations and plays it back during the disruption to lull operators watching security tapes into thinking all is well. He mentions that in one instance, he noted that Stuxnet was set up to work only when 984 machines were linked. Then in late 2009 when international inspectors visited Natanz, they found that exactly 984 linked machines had been taken out of service. (The implication being–by Stuxnet.)

    The reporters traced back from A.Q.Khan, a Pakistani who stole the design for a uranium enriching machine from the Dutch in the 1970’s and fled back home. This P-1 machine was later sold to Iran, Libya, and North Korea. (The US got some of these when Libya opted out of the nuclear race? And how did Israel get them to use in testing?)

    The implication of the reporters is that the US and Israel cooperated to create Stuxnet, with Israel doing the figuring and/or testing of the worm on machines (perhaps P-1’s supplied by the US) that matched Iran’s type of machines. They note that an Israeli expert says the worm looks like Israeli work. And they speak of a lot of big grins by American and Israeli officials despite answering “no comment” to direct questions about Stuxnet.

    So it looks as if these three reporters are convinced Stuxnet is the creation of a joint US/Israeli effort, very specifically targeting the Iranian centrifuge complexes.

    Whoever did it, hurrah! Great work! (And note, like the Israeli Defense Forces, the worm is very careful to prevent “collateral damage.”)

  5. B.Poster says:

    Haven’t you heard America for all practical purposes left Iraq. They are mostly guarding the oil fields and the green zone. The Iranians have almost complete control as per agreement with the Americans.

    So none of your comment makes much sense. It’s a done deal made with Bush and executed by Obama. The virus has nothing to do with anything, and it’s untraceable to it’s source. I even read an opinion that suggested the Chinese were behind the stuxnet. A lot of disinformation has been spread around. You have apparently ingested much of that disinformation.

  6. highlander: If you noticed, it was me who posted that item!!

    Just have a little fun Yamit82. Good reply.

  7. highlander says:

    Damn! Those sorry ass Americans, Yamit raves about all the time. They have gone and done it again! Set loose this stuxnet thing on the Iranian Nukes, and rang their electronic chimes!

    What a pity! Now Israel won’t have to put at least half of its air force at risk in an ultra long range,and quite iffy attack on Iran’s underground nuke facilities.

    highlander: If you noticed, it was me who posted that item!! An item that gives most of the credit to America, Bush and Obama. If true I am the first in line to give credit to America and her leadership when I believe credit and even thanks is due. I am also sure that there are many other actions taken by America that have helped Israel in the past as well as the present, much of which has not been made public. I have always maintained and occasionally showed that the relationship between America and Israel as to benefits and negatives is a mixed bag that all things considered for Israel the negatives far outweigh the benefits. I still maintain that position. If the Americans are the ones behind stuxnet then they did it for American interests and not Israels, of that I am also sure. Israel or America will still need to destroy Iran’s nuclear capability otherwise they will eventually get what they want. I saw an item yesterday that they have a major delegation in N. Korea and it might be assumed they re going to do their actual testing of their nukes there. Iran has enough resources that they could probably buy off the shelf nukes from a number od sources including Pakistan, any of the FSR’s and N. Korea. They have the delivery platforms. It is also reasonable to assume they already have a number of assembled nukes. That the whole project of of nuclear processing is just a diversion hiding their real aims. That being the ability to weaponize and fit warheads to rocket platforms already in service and or development.

    For what it’s worth: Sam Cohen, the Father of the Neutron Bomb believes they have at least five operational nuclear devices NOW!

    It is curious that nobody questions Iran’s motives for an almost transparent drive to develop nukes when every other nuclear and near nuclear country developed their nukes in strict secrecy like India, Pakistan and N Korea not to mention Libya and Syria. Nobody asks why Iran is so open about their intentions and why have they invited international pressure and sanctions when they could have developed like others their project in secret below the worlds radar?

    Time will tell how much we have to thank America for and how much to condemn them.

  8. Its highly unilikely that the Americans were involved with Stuxnet on any level. First of all the Americans are trying to withdraw from Iraq in a face saving manner. In order to withdraw from Iraq in a speedy and face saving manner, they are going to need Iranain cooperation on some level. As such, an operation like this is to risky for the Americans to be involved in. If they were caught by the Iranians, it would undermine the goal of a speedy face saving withdrawl from Iraq and the rest of the Middle East, as the Iranians would be almost certain to retaliate directly against America and its interests. Secondly, it has been well known even before the wikileaks fiasco, that the Americans are incapable of keeping a secret. As such, if the Americans were involved even remotely on some level, the Iranians would have been certain to find out even before the operation could get good and started. See the first reason why the Americans wouldn’t be involved in something like this.

    The Israelis and any one else who might have an interest in developing or releasing Stuxnet against Iran is well aware of the Americans desire for a speedy and face saving withdrawl from Iraq. As such, they would know that if America had any beforehand knowledge whatsoever of Stuxnet they would likely notify the Iranians of this and work with the Iranians to thwart the attack, assuming the Iranians would trust the Aemricans in this matter. Even if the Americans didn’t notify the Iranians, the Iranians would still find out because of America’s complete inability to keep a secret. Anyone who would develop or release Stuxnet would be aware of this and would work overtime to ensure the Americans had no knowledge of Stuxnet.

    Since the Americans were not involved in this on any level, who is spreading the rumor that it was and why? I think it is the Iranians themselves!! The reason is what we really need to worry about is an Iranian military attack on America and its interests not the other way around. The poor fools in the media and government who have been working tirelessly to prevent an American military attack on Iran have actually undercut a valuable option the Americans may have had to defend themselves against Iranian aggression. The Iranians need to justify the attack on America. By spreading rumors that the Americans were involved in Stuxnet they are able to justify their attack on Aemrica. They have plenty of lackeys in the media and the American government to help them here.

  9. It was a great move, but it only buys more time. I hope they were thoughtful enough to have a follow up stratagy that can be implemented soon or things will be right back to where they were.

  10. Damn! Those sorry ass Americans, Yamit raves about all the time. They have gone and done it again! Set loose this stuxnet thing on the Iranian Nukes, and rang their electronic chimes!

    What a pity! Now Israel won’t have to put at least half of its air force at risk in an ultra long range,and quite iffy attack on Iran’s underground nuke facilities.

  11. Stuxnet clarified

    The New York Times has published details of the Stuxnet affair that clarify the story. The US Department of Energy got access to Siemens controllers eventually targeted by Stuxnet when the company asked DoE to investigate problems with its controllers. The trojan development was authorized by Bush and ordered intensified by Obama.

    IDF’s unit 8200, great as it is, lacks the capability to develop such sophisticated malware. Israel’s role was apparently limited to developing the technological scenario: what the trojan must do to damage the motors while remaining undetected.

    Instead of breaking all the centrifuges at once, the trojan’s developers chose to act slowly. The Iranians suspected trouble and appealed to Russia for help after 10% of the centrifuges had been damaged.