Category Archive 'Stuxnet'
19 Jan 2011
Anonymous official sources have spilled enough to the New York Times to allow it to put the pieces together (and to give an opportunity to US and Israeli Intelligence to take a few public bows and indulge in a bit of gloating at Iran’s expense). And, what do you know! it was another of those George W. Bush policies that Barack Obama decided to continue, just like detentions at Guantanamo.
The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where neat rows of factories make atomic fuel for the arsenal.
Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role — as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own.
Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.
“To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program. …
Many mysteries remain, chief among them, exactly who constructed a computer worm that appears to have several authors on several continents. But the digital trail is littered with intriguing bits of evidence.
In early 2008 the German company Siemens cooperated with one of the United States’ premier national laboratories, in Idaho, to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world — and that American intelligence agencies have identified as key equipment in Iran’s enrichment facilities.
Siemens says that program was part of routine efforts to secure its products against cyberattacks. Nonetheless, it gave the Idaho National Laboratory — which is part of the Energy Department, responsible for America’s nuclear arms — the chance to identify well-hidden holes in the Siemens systems that were exploited the next year by Stuxnet.
The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.
The attacks were not fully successful: Some parts of Iran’s operations ground to a halt, while others survived, according to the reports of international nuclear inspectors. Nor is it clear the attacks are over: Some experts who have examined the code believe it contains the seeds for yet more versions and assaults. …
Israeli officials grin widely when asked about its effects. Mr. Obama’s chief strategist for combating weapons of mass destruction, Gary Samore, sidestepped a Stuxnet question at a recent conference about Iran, but added with a smile: “I’m glad to hear they are having troubles with their centrifuge machines, and the U.S. and its allies are doing everything we can to make it more complicated.”
In recent days, American officials who spoke on the condition of anonymity have said in interviews that they believe Iran’s setbacks have been underreported. That may explain why Mrs. Clinton provided her public assessment while traveling in the Middle East last week.
By the accounts of a number of computer scientists, nuclear enrichment experts and former officials, the covert race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British.
The project’s political origins can be found in the last months of the Bush administration. In January 2009, The New York Times reported that Mr. Bush authorized a covert program to undermine the electrical and computer systems around Natanz, Iran’s major enrichment center. President Obama, first briefed on the program even before taking office, sped it up, according to officials familiar with the administration’s Iran strategy. So did the Israelis, other officials said.
You can hear the champagne corks popping at Langley all the way out here in Fauquier County.
Read the whole thing.
15 Dec 2010
The Jerusalem Post, via an interview with an IT professional, provides an expert assessment on who was responsible for creating the Stuxnet virus and a knowledgeable estimate of just how effective it was in shutting down Iran’s nuclear weapons program.
The Stuxnet virus, which has attacked Iran’s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic’s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program’s code told The Jerusalem Post on Tuesday.
“It will take two years for Iran to get back on track,” Langer said in a telephone interview from his office in Hamburg, Germany. “This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.”
Last month, the International Atomic Energy Agency (IAEA), the United Nations’ nuclear watchdog, said that Iran had suspended work at its nuclear-field production facilities, likely a result of the Stuxnet virus.
According to Langer, Iran’s best move would be to throw out all of the computers that have been infected by the worm, which he said was the most “advanced and aggressive malware in history.” But, he said, even once all of the computers were thrown out, Iran would have to ensure that computers used by outside contractors were also clean of Stuxnet.
“It is extremely difficult to clean up installations from Stuxnet, and we know that Iran is no good in IT [information technology] security, and they are just beginning to learn what this all means,” he said. “Just to get their systems running again they have to get rid of the virus, and this will take time, and then they need to replace the equipment, and they have to rebuild the centrifuges at Natanz and possibly buy a new turbine for Bushehr.”
Widespread speculation has named Israel’s Military Intelligence Unit 8200, known for its advanced Signal Intelligence (SIGINT) capabilities, as the possible creator of the software, as well as the United States.
Langer said that in his opinion at least two countries – possibly Israel and the United States – were behind Stuxnet.
Israel has traditionally declined comment on its suspected involvement in the Stuxnet virus, but senior IDF officers recently confirmed that Iran had encountered significant technological difficulties with its centrifuges at the Natanz enrichment facility.
“We can say that it must have taken several years to develop, and we arrived at this conclusion through code analysis, since the code on the control systems is 15,000 lines of code, and this is a huge amount,” Langer said.
“This piece of evidence led us to conclude that this is not by a hacker,” he continued. “It had to be a country, and we can also conclude that even one nation-state would not have been able to do this on its own.”
Eric Byres, a computer security expert who runs a website called Tofino Security, which provides solutions for industrial companies with Stuxnet-related problems, told the Post on Tuesday that the number of Iranians visiting his site had jumped tremendously in recent weeks – a likely indication that the virus is still causing great disarray at Iranian nuclear facilities.
“What caught our attention was that last year we maybe had one or two people from Iran trying to access the secure areas on our site,” Byres said. “Iran was never on the map for us, and all of a sudden we are now getting massive numbers of people going to our website, and people who we can identify as being from Iran.”
18 Oct 2010
Shehab-3 test firing from mobile launcher
First, some person or persons unknown introduced what Siemens is describing as “the most refined type of malware ever developed,” the Stuxnet worm, which attacks the Supervisory Control And Data Acquisition (SCADA) systems used to control and monitor industrial processes, into the computers of Iran’s nuclear facilities.
Stuxnet has the capability to reprogram the programmable logic controllers (PLCs) which control the entire facility’s operation and monitor its safety, and to hide the changes.
So sophisticated was the new worm that it is believed it could only have been produced by a state defense organization.
Now, the Internet Mossad-mouthpiece, Debkafile, is gleefully reporting that last Tuesday Iran lost most of its ballistic missile launchers in a series of mysterious blasts.
A top-secret Iranian military installation was struck by a triple blast Tues. Oct. 12 the day before Iranian president Mahmoud Ahmadinejad arrived in Lebanon. debkafile’s military and intelligence sources report the site held most of the Shehab-3 medium-range missile launchers Iran had stocked for striking US forces in Iraq and Israel in the event of war – some set to deliver triple warheads (tri-conic nosecones).
The 18 soldiers officially reported killed in the blasts and 14 injured belonged to the Revolutionary Guards (IRGC) main missile arm, the Al-Hadid Brigades.
The Imam Ali Base where the explosion occurred is situated in lofty Zagros mountain country near the town of Khorramabad in the western Iranian province of Lorestan. This site was selected for an altitude which eases precise targeting and the difficulty of reaching it for air or ground attack. It lies 400 kilometers from Baghdad and primary American bases in central Iraq and 1,250 kilometers from Tel Aviv and central Israel. Both are well within the Shehab-3 missile’s 1,800-2,500-kilometer operational range.
Our Iranian sources report that Tehran spent hundreds of millions to build one of the largest subterranean missile launching facilities of its kind in the Middle East or Europe. Burrowed under the Imam Ali Base is a whole network of wide tunnels deep underground. Somehow, a mysterious hand rigged three blasts in quick succession deep inside those tunnels, destroying a large number of launchers and causing enough damage to render the facility unfit for use.
In its official statement on the incident, Tehran denied it was the result of “a terrorist attack” and claimed the explosion “was caused by a nearby fire that spread to the munitions storage area of the base.” In the same way, the regime went to great lengths to cover up the ravages wrought to their nuclear and military control systems by the Stuxnet virus – which is still at work.
In actual fact, debkafile’s military sources report, Iran’s missile arsenal and the Revolutionary Guards have also suffered a devastating blow. Worst of all, all their experts are at a loss to account for the assailants’ ability to penetrate one of Iran’s most closely guarded bases and reach deep underground to blow up the missile launchers.
The number of casualties is believed to be greater than the figure given out by Tehran.
The Israeli intelligence service has apparently scored a second major devastating blow to Iran’s strategic capabilities.
Range of Shehab-3 missile