The mysterious origin of Stuxnet, long considered one of the world’s most dangerous computer worms, is a mystery no more. In a bombshell piece published today, The New York Times reports that Stuxnet was developed by the United States and Israel, and used by both the Bush and Obama administrations to wreak havoc on Iran’s nuclear facilities. Then it accidentally “escaped” into the wild.
Many have long suspected that the U.S. and Israel developed Stuxnet, which successfully (though only temporarily) shut down 1,000 of the 5,000 centrifuges Iran was using to enrich uranium at the Natanz nuclear facility, according to the report. But until now, such assertions remained unconfirmed, as the many cybersecurity experts who analyzed Stuxnet said its code contained little evidence of who developed the worm. In September of 2010, antivirus firm Kaspersky Labs concluded that the Stuxnet attack on Natanz “could only be conducted with nation-state support and backing.” But that was as far as anyone got in discovering Stuxnet’s origins.
Today’s fascinating report was written by Times journalist David E. Sanger, and adapted from his upcoming book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power. Sanger’s findings are based on interviews with “American, Israeli, and European officials,” all of whom asked to remain anonymous due to the classified nature of the information, as well as “a range of outside sources.”
Sanger reports that the Bush administration, fearful of Iran developing nuclear weapons, launched an operation codenamed “Olympic Games.” Rather than launch a military strike against Iran’s nuclear facilities, as Vice President Dick Cheney and other hawks in the Bush administration urged, the National Security Agency (NSA) and Israeli computer experts developed Stuxnet, which was specifically designed to change the speed of Iran’s centrifuges, and thus cause massive damage to the delicate machinery.
After tests confirmed that Stuxnet worked as planned, spies and “unwitting accomplices,” including engineers and maintenance workers at Natanz, uploaded the worm onto the computer system at the nuclear facility using USB thumb drives and even their own computers. “That was our holy grail,” said one of the people in charge of the plan. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.” Once Stuxnet had infected the system, the centrifuges began to break. The Iranians did not realize that it was their own computer system causing the damage; Stuxnet had been designed to tell the system’s operators that everything was operating normally.
When Bush left office, he successfully convinced Obama to continue both the Olympic Games program and drone strikes in Pakistan. According to Sanger, Obama not only pushed forward with both programs but also ramped up the U.S.’s use of cyberwarfare, reportedly expanding operations to include the infection of Al Qaeda computers and other such activities.
Then, in the summer of 2010, something went wrong. Stuxnet had been crafted to not spread to outside computer systems. But it did, likely through a Natanz engineer whose infected laptop was connected to the Internet, resulting in Stuxnet escaping the confines of the operation and out into the public.
The unintended spread of Stuxnet was originally believed to be an “error” in its code. Some in the Obama White House suspected that the Israelis had modified it. From the report:
‘We think there was a modification done by the Israelis,’ one of the briefers told the president, ‘and we don’t know if we were part of that activity.’
Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. ‘It’s got to be the Israelis,’ he said. ‘They went too far.’
Sanger’s report comes just days after reports of a new cyberweapon, called “Flame,” which many have compared to Stuxnet, but which has been found to be far less nefarious. Despite this, it is clear that cyberwarfare is here to stay — and will surely become more common, and more dangerous.