New York Times Reports US and Israel Behind Stuxnet

Oxford_Comma_Lover writes "Confirming heavy speculation in the Slashdot community, the New York Times reports that joint US-Israeli efforts were almost certainly behind the recent Stuxnet attack on Iran's nuclear program." The article stops just short of saying in so many words that Israeli is the doer, but leaves little doubt of its conclusion.

Still Speculative.

[Quick+Reply]

They probably "almost certainly" did, but the NYT article is still just speculation. The haven't confirmed anything.

Re:Still Speculative.

[timeOday]

Did you actually finish the article?

And the American expert in nuclear intelligence, who spoke on the condition of anonymity, said the Israelis used machines of the P-1 style to test the effectiveness of Stuxnet.

The expert added that Israel worked in collaboration with the United States in targeting Iran, but that Washington was eager for "plausible deniability."

How much more direct could a confirmation be? The only question is the veracity of the anonymous source.

Re:Still Speculative.

[epine]

The haven't confirmed anything.

I think your typing speed and your reading speed are linked together.

The article does a great job of laying out means and motive and avenues of military conspiracy, and furthermore, documents that the means are exceptionally esoteric and that the motives precisely align with recent policy statements on the parts of the alleged conspirators, who I might add have a brazen rap sheet, but who now seem to increasingly fear "three strikes and you're a lout".

Where the article fails hopelessly is explaining what a three year delay actually buys us. What's the leverage point? Is this just a bunch of politicians playing "not on my watch" or will the Risk board change in some interesting way over the short hiatus?

Will the Ahmadinejad faction wane as a result? Will it cause the Iranians a crisis of confidence in foreign technology procurement? This bit the Russians hard after the Siberian pipeline thing. Will the Americans sew things up in Iraq over that time period to enable them to better address the Iran situation when the pot finally boils?

These are the real questions the article fails to address.

Concerning the slow news day knee jerk, I don't understand why the jury convicted Hans Reiser. It was nothing but informed conjecture about an arrogant prick until he cracked post sentencing.

Re:Still Speculative.

[FooAtWFU]

I think the whole case is one of "We can't prove it, but honestly, it doesn't take a genius to figure it out." Means, motive, and opportunity: what more are you looking for?

Re:Still Speculative.

[rtb61]

Want real speculation, how about this. Will M$ bring all of it's legal, investigative and it's ability to provide cash incentives to seek fiscal redress for the way in which access the source code was used to publicly destroy the image of it's operating system security.

Many countries have recently announced their intent to drop the Windows Operating system due to the security weakness and exploitability as demonstrated by the Stuxnet virus, this will likely end up costing M$ billions of dollars in lost income. If M$ can prove access to it's source code was exploited by government to break the security of the program, regardless of the damage done to the public's perception of the security of the program, than M$ is fully entitled to damages done by the purposeful and malevolent attack upon one of it's core revenue streams.

Re:Still Speculative.

[grcumb]

Note that "an American expert in nuclear intelligence" would specifically not be someone who works in the gov't- If they could claim an anonymous official source they would.

That doesn't follow. The way in which an anonymous source is characterised is negotiated by the journalist and the source. The journalist typically wants to make the identity (or more to the point, the validity) of the source as clear as possible. The source wants to hide any detail that can identify them. In this case, because we're talking about a level of secrecy that, if breached, would almost certainly get someone killed, the source clearly didn't want any information released except that they knew what they were talking about.

This part of the intelligence world is very, very small, and the number of people who act as intermediaries between, for example, the IAEA and intelligence circles is even smaller.

Re:Still Speculative.

[h4rm0ny]

Three years is a long time for an unpopular government run by radicals, thieves, and thugs.

True, but I'm less optimistic than you about the American people overthrowing their government in that time scale.

When this happens to the US or its allies

[countertrolling]

It will considered an act of war resulting in the real thing, of course.

Re:When this happens to the US or its allies

[gman003]

The US is not fighting a war in Iraq. The US is fighting an occupation. This is a significantly different task, one that the American Army is not designed for. The US Army is designed to crush, to destroy, to annihilate the enemy - and the US Army is possibly the best army in the world at this. Fighting an insurgency is a much different task - it requires completely different training, logistics, organization, even equipment. The two are as different as HTML and assembly language.

The "war" part of Gulf War II was over in weeks. Very few conventional military forces can stand against the US, and none of those are in the Middle East. If the US launched a proper war (go in, kill every soldier, leave the country), the battle would last a few weeks. Think Poland in 1939 - I give Iran about a month of real Total War, before it collapses. And that's assuming the US doesn't use nukes - if it did, I give it about an hour before it becomes the Islamic Cinder Pile of Iran.

Re:When this happens to the US or its allies

[guyminuslife]

They don't have nukes. But lets say, for argument's sake, that they develop them.

First of all, any nuclear weapons that Iran develops are likely to be much smaller-scale than the weapons that have been rusting away in the US stockpiles since the 1950s. Fat Man and Little Boy were big bombs, but they aren't even close to the scale of the arms developed during the Cold War.

Second, a nuclear Iran does not mean the difference between zero nuclear weapons and the stockpile that, say, Russia/Britain/India has. There's a recurring cost and a recurring development time.

Third, and probably most importantly, Iran doesn't have the capacity to send long-range missiles. (This is also the case with North Korea.) They could nuke Israel, but not much further than that. The United States would not see any damage due to conventional deployment; the only way that Iran would be able to attack would be to supply terrorist groups.

But then their country's ash. I don't have particularly high esteem for the Iranian leadership, but they're not stupid, they're not suicidal, and they understand MAD. So it's a moot point. The rationale for wanting nukes is pretty obvious: Iran is in a position where two of its neighbors got invaded in the past 10 years by the Americans, who they don't stand a chance against in a conventional war, and who have been rattling their sabers since 1979. I don't think Iran particularly cares about starting a war, the nuclear program is more of a deterrent against turning into Iraq or Afghanistan.

Re:When this happens to the US or its allies

[Sun]

It still just might cause a war. Sure, Iran can't fight a war with the US, but it can (and probably will) fight Israel. THAT would be nasty.

Iran is already fighting Israel. They do most of it by financing, supplying weapons (and using it to gain influence on) Hammas, but sometimes they use a direct agent (Hizbullah). If Israel is behind Stuxnet (no personal knowledge, but it makes sense that it is), then this is not "just cause for war". It is merely a battle in a war that is already ongoing (as is Iran's disregard for signing the no dissemination treaty, and so on and so forth).

Shachar

Re:When this happens to the US or its allies

[ObsessiveMathsFreak]

The US Army is designed to crush, to destroy, to annihilate the enemy - and the US Army is possibly the best army in the world at this.

Only the Vietnam People's Army surpasses them!

Re:When this happens to the US or its allies

[_Sprocket_]

Iraq feel because it was neither prepared nor ready for war. Iran has been preparing for war for close to a decade, apace.

I'm really curious as to why you seem to portray the Iraqi army as a push-over but somehow Iran isn't. The Iraq-Iran war was a stalemate. Iraq had access to Western and Soviet hardware. Iraq built up the 4th largest army in the world. And while that army was greatly reduced after the Gulf War, I find the characterisation of being "unprepared" hard to accept. Granted - in comparison to what they went up against, the Iraqi forces were ill-equipped. But then that leads to the question of why you believe Iran is in such a better situation?

I should note that I don't believe an invasion of Iran would be a "walk in the cake" either. But I suspect the problems would be more of the same issues we're seeing with Iraq today which is very much removed from conventional warfare.

P.S. My friends from the 101st assure me that your characterization of the narrow nature of US forces and their training and preparation is also largely a pile of poop; US Armed Forces are also one of the largest and most prepared humanitarian response forces, as well.

Policing and counter-insurgency is very different than helping people pick up the pieces after a war or a natural disaster.

Re:When this happens to the US or its allies

[phantomfive]

The rationale for wanting nukes is pretty obvious: Iran is in a position where two of its neighbors got invaded in the past 10 years by the Americans, who they don't stand a chance against in a conventional war, and who have been rattling their sabers since 1979.

Be careful not to make the US as the center of the world for everything. The US is important, but it is not the only thing.

Iran wants nukes because it will give it more 'influence' over it's neighbors, something Iran has been trying for a long time. They have a sort of feudal relationship with Syria and Hezbollah, and they've been growing their influence in Egypt. At one time, Iran was a world power. They wouldn't mind being one again, at least in the region.

We can see this also in Wikileaks, where leaders of middle eastern countries wanted the US to take out Iran.

Re:When this happens to the US or its allies

[fishexe]

Right, OPEC... I'm absolutely certain that our biggest petroleum source in OPEC, Canada, would side with Iran should we go to war. That makes perfect sense.

Canada is not a member of OPEC.

Color me impressed

[moogied]

You really have to hand it to Israel, they continue to be the very best at cloak and dagger style work. Yes, I consider this C&D due to its ingenious nature. Spread a massive virus across as many systems as you can, and nestle a chunk a code in it to only activate on the correct system. This not only requires the method to spread it, but far more impressive is the fact that it required the correct code for there machines. This means they do 100% have spys inside of Iran's nuclear systems and gives a butt load more credit to the statements made by Israel and America about Iran's nuclear goals. Well done

Re:Color me impressed

[drolli]

Or you have to have spys in the Companies providing the parts. Siemens does not have a strong culture of being paranoid, especially not against western/pro-western secret services, with which they probably collaborate anyway when it comes to identifying industrial espionage from other services. I am pretty sure that the BND (German secret service) can ask them for plans and details quite openly (i guess you don't produce parts relevant for nuclear technology or military infrastructure without having liaison officer assigned to you), and probably also for the source code of the embedded SPS modules. For sure the same holds true for the manufacturer of the turbines. Since the Western secret services collaborate on an less prominent, informal level (see e.g. the BND agents in Baghdad during the war which reported back to the NATO headquarters, where obviously - no records exist - they helped clearing military targets in Iraq, despite Germany no being officially involved in the war).

I would guess that actually several secret services collaborated in this, but the "Cui Bono?" points to Israel.

Re:From the No-**** Department...

[jmauro]

There was some decent evidence that it was actually a Chinese-Finnish operation

My guess is when it's all declassified in 100 years or so we'll find out it was actually created out of different virus cross breeding and the Internet has been alive this entire time. Yea, I'll be shocked too.

OpenBSD IPsec

[Mysteray]

Jason Wright, the OpenBSD developer funded by NETSEC to work on IPsec (and allegedly put in backdoors for the FBI) went to work at the DHS cyber security lab that the NYT is saying helped do Stuxnet http://nyti.ms/grd51X http://bit.ly/feB9ZV

SecTor 2008 gives his speaker bio http://www.sector.ca/speakers2008.htm

Jason Wright is a cyber security researcher at the Idaho National Laboratory working with SCADA and Process Control system vendors to secure critical infrastructure assets. He is also a semi-retired OpenBSD developer (also known as a "slacker") responsible for many device drivers and layer 2 pieces of kernel code.

I am not making this up.

I'll have to put it in a blog post this evening. See homepage link.

Insertion

[lseltzer]

There are a few important aspects of the story that didn't get covered by the NYT. One is that there was no mention of the origin of the 4 zero-day Windows vulnerabilities and another is the insertion method. Obviously Stuxnet wasn't just blasted out on botnets. Someone got it very close, probably into a facility or more than one facility, or perhaps into a government office or contractor. That's one of the aspects of this that always told me it was a state actor with quality human intelligence capabilities. Actually, my wild guess before is that a contractor from Siemens or someone like that spread it. Which brings up another aspect of this: This story can't be good news for Siemens's customer relations, especially with their government customers.

Re:Insertion

[plover]

Ummm... no. Flaws in Siemens' software (including exploiting default passwords in their package, and great difficulty in changing the passwords once deployed) were an important component in the worm's ability to insert the actual command codes into the industrial control systems. And if you'd have read TFA, you'd have seen that in 2008 Siemens met with Department of Homeland Security officials to go over the security of the SIEMATIC PCS 7 industrial control systems. The DHS had the most intimate knowledge of the weakness of Siemens' systems possible, having been asked to evaluate them for security flaws!

Given the sophistication of the worm, and the determination of the attackers, it's quite likely that it would have been written to infiltrate whatever systems they were running. Windows XP just happened to be very easy to target. But had it been a UNIX or Mac system, they would probably have found a way to get their malware installed anyway.

Re:Manifesto included

[plover]

By the way, all the pundits saying it would take the resources of a government to create that worm know very little about what it actually takes to make one. It did however take very intimate knowledge of the code running on those systems, so the creator probably has a copy of the source code on those machines, or the equivalent. (I'm pretty sure it's too large to be memorized by a single person.)

Did you RTFA? It claims Israel acquired some of the centrifuges that Iran is using, got them working, then tested the worm's effect on them. That's a lot more than the resources of Joe Hacker. Not just anyone can run down to Pakistani-Centrifuges-R-Us and buy a dozen of them to test with.

When you look at the instructions Stuxnet was sending to the centrifuges, they're brilliantly designed exactly to cause them to fail. After lurking for a couple weeks, they over-speed them for a few minutes, then drop them down to almost stopped speed, then bring them back to a fairly normal operating speed. The overspeed period stresses the already stressed components, occasionally beyond the breaking point. The underspeed periods act like a mixer, stirring up any U-238 that had already been spun out of suspension. Returning them to normal speed allayed suspicion that they were faulty.

There is no way one guy is going to know exactly what values it would take to create such a precise scenario. It takes massive resources to pull that off.

Re:From the No-**** Department...

[Zeinfeld]

It is really rather obvious that both the Iranian and Israeli leadership would rather like to have a war but they need the other side to be seen to start it. Iran has gained tremendously from the Bush invasion of Iraq, not only has the US eliminated Iran's major regional rival, the war has allowed Iran to establish an essentially unbroken sphere of influence in the Shi'ia world.

It is even quite likely that Ahmedinejad is looking for an attack in order to complete the nuclear program. It is unlikely that the religious leadership would want to allow him to complete a nuclear bomb: it would put him above them. If Iran really wanted a nuclear weapon they would have one by now, they have vastly more resources than were available to the Manhattan project in the 40s. Another possibility is that Iran does already have a nuclear bomb but is unable to declare it since that would lead to an immediate attack etc.

In either case it would make perfect sense for Ahmedinejad to incite an Israeli attack which would provide a pretext for withdrawal from the NPT and become a declared nuclear power within a short interval.

A war between Israel and Iran would be a war of attrition with each side aiming to rack up as many civilian deaths as possible. Israel cannot win that game and it would be stupid of them to try. The mullahs have shown themselves quite capable of accepting a million casualties in a war.

The Times report itself says nothing new and nothing that can be believed. All that we know is that there is are sources in US/Israeli intelligence that want to take credit for Stuxnet. We do not even know if the source would even have knowledge of such an operation if it existed.

The motives for wanting to take credit are rather obvious. But if you look at what the attack achieved or was likely to achieve it is very hard to see how it would be in the interests of either to burn major intelligence assets for an act of minor vandalism.

We know that the attack involved four zero days, was written in a modular fashion, probably by multiple authors and had references that might have been intended to lead to a certain conclusion. What we really don't know much about is the payload code. We do not even know for certain what the target was.

For several weeks we were discussing media reports that 'confirmed' that the virus was Chinese on the basis of some 'expert' who had seen an algorithm in Chinese code and erroneously considered it to be uniquely Chinese. The press will repeat any nonsense that is said to them by someone who is convinced they are right.

If the target was indeed the Iranian centrifuges or the Iranian power plant then the only way that it could have possibly been expected to work would be with very deep knowledge of the design and deployment of a top secret Iranian facility. There are only two ways that knowledge could be available to the attacker - if they designed the plant or if they had a source with access.

Looking at the likely result of this attack I cannot possibly see how anyone would wish to let the Iranians know about the intelligence source for the sake of some minor inconvenience to the Iranian program.

A much more likely explanation in my view is the idea that the Russians wrote Stuxnet to damage the nuclear plant they designed and thus require Iran to buy additional services from Russia to repair the damage and to accept the reprocessing proposal (which they did). Such shakedown tactics were common during the Soviet era.

Russia would not have an incentive to take credit for the attack in such circumstances. But some of the US/Israeli hawks would even knowing that the claim was false.