YES. THEY GIVE THE US THE FINGER!
Iran is under cyber threat as Obama offers nuclear negotiations
DEBKA file Exclusive Report September 23, 2010, 1:26 PM (GMT+02:00)
Deadly new Stuxnet, soldier in cyber war
By choosing US President Barack Obama and Iran's Mahmoud Ahmadinejad to deliver the opening addresses at the UN General Assembly session in New York Thursday, Sept. 23, the UN secretariat told the world that Iran's drive for nuclear bomb dominated world affairs at this time.
Debka file's military and intelligence sources note in this regard the US press leaks appearing since Monday, Sept. 20, which maintain that the United States has embarked on a clandestine cyber war against Iran and that Israel has established elite cyber war units for this purpose.
According to our Washington sources, Obama has resolved to deal with the nuclear impasse with Iran by going after the Islamic republic on two tracks: UN and unilateral sanctions for biting deep into the financial resources Iran has earmarked for its nuclear program, and a secret cyber war which the US is conducting jointly with Israel for crippling its nuclear facilities.
In New York, quiet exchanges are ongoing with Ahmadinejad's delegation for renewing the Six Power talks on Iran's banned uranium enrichment program. he US offer to go back to the negotiating table was made against a background of deliberately leaked revelations by US security sources to US media regarding the recruitment of Israel military and security agencies of cyber raiders with the technical know how and mental toughness for operating in difficult and hazardous circumstances, such as assignments for stealing or destroying enemy technology, according to one report.
Debka file's sources disclose that Israel has had special elite units carrying out such assignments for some time. Three years ago, for instance, cyber raiders played a role in the destruction of the plutonium reactor North Korea was building at A-Zur in northern Syria.
On Monday, too, the Christian Science Monitor and several American technical journals carried revelations about a new virus called Stuxnet capable of attacking and severely damaging the servers of large projects, such as power stations and nuclear reactors.
All the leaked reports agreed on three points:
1. Stuxnet is the most advanced and dangerous piece of Malware every devised.
2. The experts don't believe any private or individual hackers are capable of producing this virus, only a high-tech state such as America or Israel.
3. Although Stuxnet was identified four months ago, the only servers known to have been affected and seriously damaged are located in Iran.
Some computer security specialists report lively speculation that the virus was invented specifically to target part of the Iranian nuclear infrastructure, either the Bushehr nuclear plant activated last month or the centrifuge facility in Natanz.
debkafile's sources add: Since August, American and UN nuclear watchdog sources have been reporting a slowdown in Iran's enrichment processing due to technical problems which have knocked out a large number of centrifuges and which its nuclear technicians have been unable to repair. It is estimated that at Natanz alone, 3,000 centrifuges have been idled. None of the reports indicate whether other parts of Iran's nuclear program have been affected by Stuxnet or the scale of the damage it may have caused.
Tuesday, September 28, 2010
Pentagon has no comment on Stuxnet
The Pentagon has said that it has no comment about the Stuxnet computer worm that is infecting many computer systems in Iran, apparently including Iran's nuclear facilities.
The Pentagon is refusing to comment on widespread accusations that it is responsible for coordinating a cyber-attack against Iran's nuclear facilities. Earlier this month the Iranians acknowledged the "Stuxnet Worm" had invaded software it uses at multiple nuclear production plants.
Pentagon Spokesman Col. David Lapan said Monday the Department of Defense can "neither confirm nor deny" reports that it launched this attack.
But in a lengthy post about the Stuxnet worm, Allahpundit points to a post by Jennifer Dyer, who argues that neither the United States nor Israel is behind the worm.
This frankly doesn’t sound to me like something the US or Israel would cook up. Besides being irresponsible, it’s inelegant, and dramatically increases the likelihood of detection before the worm can achieve its goal. It’s unnecessary – if the goal is sabotage.
The emphasis on eruptions in India, Indonesia, and Iran is also hard to explain. Why not two other nations and Iran? That it could be random seems very unlikely. One’s first thought would be that a set of similar USB drives was shipped to each country for some innocuous, probably even non-nuclear-related purpose. Siemens does business with all three, although if a set of drives was tampered with, the provenance wouldn’t have had to be Siemens. It would, however, have presumably been a company that does business with all three nations.
There is also the weird fact that in the alphabetical (English) list of world nations, India, Indonesia, and Iran occur one after the other in direct sequence. Silly as this seems, it’s a remarkable coincidence, and may lend weight to the theory about a shipment of altered drives. It’s hard to find another link between the nations that would make these three, and no others, overwhelmingly susceptible to the Stuxnet infestation.
Of the nations that could have pulled this off, however, there is one that might have a reason to target the three most-infected countries in particular, and that’s China. Although this week’s reports have all focused on the design of Stuxnet for industrial sabotage, it was clear in July that its design also suits it for industrial espionage. Some tenuous indications have been alluded to that suggest a Chinese link to the worm, but no concrete proof has been unearthed.
In their excitement over the undoubted sophistication of the worm, commentators seem to be missing the operational – as opposed to technical – fact that it has been detected and analyzed, but it hasn’t succeeded in shutting down Iran’s nuclear program, or even in materially hindering it. And now it isn’t going to. Spreading Stuxnet unnecessarily to so many computers doesn’t jibe with a goal of achieving a dastardly and decisive effect against Iran’s nuclear program. The more computers something proliferates to, the more likely it is to be detected somewhere – and detection ends Stuxnet’s career.
So I am unconvinced right now by the argument that the US or Israel designed this thing to attack Iran’s nuclear program. It would make more sense if China designed it to gather and update information on Siemens controllers, and to serve under limited and specific conditions as an executioner. But if Iran was the main target of such a project, that suggests a whole set of fresh analytical factors in the China-Iran relationship.
One other great quote from Allahpundit's post:
That’s one of many mysteries here — not only who rolled it out, but how long has it been around and what, precisely, is it up to? Rather than drone at you, let me instead recommend this useful primer about the worm at New Scientist explaining how it works and why it’s blowing the minds of cybersecurity experts who deal with it. In a nutshell, it’s fantastically sophisticated, hacking four previously unknown vulnerabilities of Microsoft Windows in order to gain entry to a system. It’s also fantastically specific, targeting industrial machinery operated by the German electronics company Siemens, which just so happens to run a bunch of Iranian nuclear infrastructure. And it’s potentially fantastically dangerous: Unlike most worms, which are used to gather information and spy, Stuxnet is aimed at messing up the timing of heavy industrial machines, which could lead to mechanical breakdowns or even explosions.
Israel Stragetically Requires More Territory Not Less
The lessons of Stuxnet
by Caroline Glick
There’s a new cyber-weapon on the block. And it’s a doozy. Stuxnet, a malicious software, or malware, program was apparently first discovered in June.
Although it has appeared in India, Pakistan and Indonesia, Iran’s industrial complexes – including its nuclear installations – are its main victims.
Stuxnet operates as a computer worm. It is inserted into a computer system through a USB port rather than over the Internet, and is therefore capable of infiltrating networks that are not connected to the Internet.
Hamid Alipour, deputy head of Iran’s Information Technology Company, told reporters Monday that the malware operated undetected in the country’s computer systems for about a year. After it enters a network, this super-intelligent program figures out what it has penetrated and then decides whether or not to attack. The sorts of computer systems it enters are those that control critical infrastructures like power plants, refineries and other industrial targets.
Ralph Langner, a German computer security researcher who was among the first people to study Stuxnet, told various media outlets that after Stuxnet recognizes its specific target, it does something no other malware program has ever done. It takes control of the facility’s SCADA (supervisory control and data acquisition system) and through it, is able to destroy the facility. No other malware program has ever managed to move from cyberspace to the real world. And this is what makes Stuxnet so revolutionary. It is not a tool of industrial espionage. It is a weapon of war.
From what researchers have exposed so far, Stuxnet was designed to control computer systems produced by the German engineering giant Siemens. Over the past generation, Siemens engineering tools, including its industrial software, have been the backbone of Iran’s industrial and military infrastructure. Siemens computer software products are widely used in Iranian electricity plants, communication systems and military bases, and in the country’s Russian-built nuclear power plant at Bushehr.
The Iranian government has acknowledged a breach of the computer system at Bushehr. The plant was set to begin operating next month, but Iranian officials announced the opening would be pushed back several months due to the damage wrought by Stuxnet. On Monday, Channel 2 reported that Iran’s Natanz uranium enrichment facility was also infected by Stuxnet. On Tuesday, Alipour acknowledged that Stuxnet’s discovery has not mitigated its destructive power.
As he put it, “We had anticipated that we could root out the virus within one to two months. But the virus is not stable and since we started the cleanup process, three new versions of it have been spreading.”
While so far no one has either taken responsibility for Stuxnet or been exposed as its developer, experts who have studied the program agree that its sophistication is so vast that it is highly unlikely a group of privately financed hackers developed it. Only a nation-state would have the financial, manpower and other resources necessary to develop and deploy Stuxnet, the experts argue. Iran has pointed an accusatory finger at the US, Israel and India. So far, most analysts are pointing their fingers at Israel. Israeli officials, like their US counterparts, are remaining silent on the subject.
While news of a debilitating attack on Iran’s nuclear installations is a cause for celebration, at this point, we simply do not know enough about what has happened and what is continuing to happen at Iran’s nuclear installations to make any reasoned evaluation about Stuxnet’s success or failure. Indeed, The New York Times has argued that since Stuxnet worms were found in Siemens software in India, Pakistan and Indonesia as well as Iran, reporting, “The most striking aspect of the fast-spreading malicious computer program… may not have been how sophisticated it was, but rather how sloppy its creators were in letting a specifically aimed attack scatter randomly around the globe.”
ALL THAT we know for certain is that Stuxnet is a weapon and it is currently being used to wage a battle. We don’t know if Israel is involved in the battle or not. And if Israel is a side in the battle, we don’t know if we’re winning or not. But still, even in our ignorance about the details of this battle, we still know enough to draw a number of lessons from what is happening.
Stuxnet’s first lesson is that it is essential to be a leader rather than a follower in technology development. The first to deploy new technologies on a battlefield has an enormous advantage over his rivals. Indeed, that advantage may be enough to win a war.
But from the first lesson, a second immediately follows. A monopoly in a new weapon system is always fleeting. The US nuclear monopoly at the end of World War II allowed it to defeat Imperial Japan and bring the war to an end in allied victory.
Once the US exposed its nuclear arsenal, however, the Soviet Union’s race to acquire nuclear weapons of its own began. Just four years after the US used its nuclear weapons, it found itself in a nuclear arms race with the Soviets. America’s possession of nuclear weapons did not shield it from the threat of their destructive power.
The risks of proliferation are the flipside to the advantage of deploying new technology. Warning of the new risks presented by Stuxnet, Melissa Hathaway, a former US national cyber security coordinator, told the Times, “Proliferation is a real problem, and no country is prepared to deal with it. All of these [computer security] guys are scared to death. We have about 90 days to fix this [new vulnerability] before some hacker begins using it.”
Then there is the asymmetry of vulnerability to cyberweapons. A cyberweapon like Stuxnet threatens nation-states much more than it threatens a non-state actor that could deploy it in the future. For instance, a cyber-attack of the level of Stuxnet against the likes of Hizbullah or al-Qaida by a state like Israel or the US would cause these groups far less damage than a Hizbullah or al-Qaida cyber-attack of the quality of Stuxnet launched against a developed country like Israel or the US.
In short, like every other major new weapons system introduced since the slingshot, Stuxnet creates new strengths as well as new vulnerabilities for the states that may wield it.
As to the battle raging today in Iran’s nuclear facilities, even if the most optimistic scenario is true, and Stuxnet has crippled Iran’s nuclear installations, we must recognize that while a critical battle was won, the war is far from over.
A war ends when one side permanently breaks its enemy’s ability and will to fight it. This has clearly not happened in Iran.
Iranian President Mahmoud Ahmadinejad made it manifestly clear during his visit to the US last week that he is intensifying, not moderating, his offensive stance towards the US, Israel and the rest of the free world. Indeed, as IDF Deputy Chief of Staff Maj.-Gen. Benny Ganz noted last week, “Iran is involved up to its neck in every terrorist activity in the Middle East.”
So even in the rosiest scenario, Israel or some other government has just neutralized one threat – albeit an enormous threat – among a panoply of threats that Iran poses. And we can be absolutely certain that Iran will take whatever steps are necessary to develop new ways to threaten Israel and its other foes as quickly as possible.
What this tells us is that if Stuxnet is an Israeli weapon, while a great achievement, it is not a revolutionary weapon. While the tendency to believe that we have found a silver bullet is great, the fact is that fielding a weapon like Stuxnet does not fundamentally change Israel’s strategic position. And consequently, it should have no impact on Israel’s strategic doctrine.
In all likelihood, assuming that Stuxnet has significantly debilitated Iran’s nuclear installations, this achievement will be a one-off. Just as the Arabs learned the lessons of their defeat in 1967 and implemented those lessons to great effect in the war in 1973, so the Iranians – and the rest of Israel’s enemies – will learn the lessons of Stuxnet.
SO IF we assume that Stuxnet is an Israeli weapon, what does it show us about Israel’s position vis-à-vis its enemies? What Stuxnet shows is that Israel has managed to maintain its technological advantage over its enemies. And this is a great relief. Israel has survived since 1948 despite our enemies’ unmitigated desire to destroy us because we have continuously adapted our tactical advantages to stay one step ahead of them. It is this adaptive capability that has allowed Israel to win a series of one-off battles that have allowed it to survive.
But again, none of these one-off battles were strategic game-changers. None of them have fundamentally changed the strategic realities of the region. This is the case because they have neither impacted our enemies’ strategic aspiration to destroy us, nor have they mitigated Israel’s strategic vulnerabilities. It is the unchanging nature of these vulnerabilities since the dawn of modern Zionism that gives hope to our foes that they may one day win and should therefore keep fighting.
Israel has two basic strategic vulnerabilities.
The first is Israel’s geographic minuteness, which attracts invaders. The second vulnerability is Israel’s political weakness both at home and abroad, which make it impossible to fight long wars.
Attentive to these vulnerabilities, David Ben- Gurion asserted that Israel’s military doctrine is the twofold goal to fight wars on our enemies’ territory and to end them as swiftly and as decisively as possible. This doctrine remains the only realistic option today, even if Stuxnet is in our arsenal.
It is important to point this plain truth out today as the excitement builds about Stuxnet, because Israel’s leaders have a history of mistaking tactical innovation and advantage with strategic transformation. It was our leaders’ failure to properly recognize what happened in 1967 for the momentary tactical advantage it was that led us to near disaster in 1973.
Since 1993, our leaders have consistently mistaken their adoption of the West’s land-forpeace paradigm as a strategic response to Israel’s political vulnerability. The fact that the international assault on Israel’s right to exist has only escalated since Israel embraced the landfor- peace paradigm is proof that our leaders were wrong. Adopting the political narrative of our enemies did not increase Israel’s political fortunes in Europe, the US or the UN.
So, too, our leaders have mistaken Israel’s air superiority for a strategic answer to its geographical vulnerability. The missile campaigns the Palestinians and Lebanese have waged against the home front in the aftermath of Israel’s withdrawals from Gaza and south Lebanon show clearly that air supremacy does not make up for geographic vulnerability. It certainly does not support a view that strategic depth is less important than it once was.
We may never know if Stuxnet was successful or if Stuxnet is Israeli. But what we do know is that we cannot afford to learn the wrong lessons from its achievements.
Originally published in The Jerusalem Post.