Breaking news: NY Times claims US released Stuxnet with Israel and it accidentally escaped

Summary: NY Times claims attack against Iran initiated by Presidents Bush and Obama. Read this article by ZDNet's David Gewirtz, one of America's leading cyberwarfare experts, for analysis.

TOPICS: Malware

There’s some substantial Stuxnet news coming out of the New York Times today, claiming confirmation of US and Israeli participation in the creation of Stuxnet. According to the Times, the attack was initiated by President Bush and continued by President Obama.

NY Times: Obama Order Sped Up Wave of Cyberattacks Against Iran

The article answers one serious question: how Stuxnet got into the wild. The implication is that the virus was originally developed in the US and then modified by the Israelis, and that there was a bug in the modification that allowed the virus to replicate outside of its target destination.

The virus, then called "the bug" by the White House, was introduced in stages into the Natanz nuclear facility in the Isfahan Province of Iran. Because the nuclear facility was not directly connected to the Internet, the Times reports that the virus was introduced by thumb drive, carried in by someone who worked at the facility. A laptop was apparently removed from the Natanz facility, and when that laptop connected to the Internet, the virus was released into the wild.

NY Times: How a Secret Cyberwar Program Worked

For perspective on all of this, you might find an article I wrote back in January 2011 particularly relevant:

ZDNet Government: Special Report: Stuxnet may be the Hiroshima of our time

There is a lot to consider based on this news. First, there is no direct confirmation of these events from the White House or anyone currently serving in the administration. That's not to say you shouldn't believe the Times' report, but rather that it would be premature to consider this as historical fact until further evidence surfaces.

Second, as I discussed in the article referenced above, there is the question of whether this was an appropriate decision on the part of both Presidents Bush and Obama. As I wrote, once unleashed, this new form of weapon will change how our world conducts itself in the digital battlespace.

I've also been working on a detailed, minute-by-minute simulation of a modified Stuxnet attack against the United States for the Idea Economy: Information 2012 Summit. The simulation, which will involve participation by former White House counterterrorism and cyberterrorism defense officials, should be available online sometime shortly after the summit ends next Wednesday.

Stay tuned. I'll have a lot more to say.

About

David Gewirtz, Distinguished Lecturer at CBS Interactive, is an author, U.S. policy advisor, and computer scientist. He is featured in the History Channel special The President's Book of Secrets and is a member of the National Press Club.

Talkback

29 comments
  • more reasons to dump windoze

    and use Linux, not targeted by US gov.
    The Linux Geek
    • Boom

      If an asteroid were coming to hit the Earth and kill everyone on it, you'd tell us that it wouldn't affect Linux users.
      Robert Hahn
      • At least we wouldn't

        lose the investment in software licenses we made to run Windows!
        Tony Burzio
      • RE: At least we wouldn't

        "lose the investment in software licenses we made to run Windows!"

        Unless you were running either the RHEL desktop or SLED.

        Don't think that advanced persistent threats (or whatever you like to call them) and cyber-warfare only apply to those using Microsoft Windows. Your comment only serves to deflect the issue.

        This is a war involving nation-states (e.g., the U.S. and Iran regarding Stuxnet) as well as terrorist organizations. Yup, it's a war now. Congrats to the U.S. military-industrial-congressional complex.
        Rabid Howler Monkey
    • Linux has more security holes in it than windows does. Some of them were

      even put there intentionally. More bugs in general for that matter. And having "more eyes" looking at them for 2 decades has done nothing to change that.
      Johnny Vegas
      • Ah, the timeless art of deflection

        While I'm quick to point out that Linux is not impenetrable, it's quite funny to see both you and Mr. Spock attempting to kick Linux to the curb on this story. News flash!! There were five (5) Windows zero-days utilized by Stuxnet.

        You two (2), along with other Microsoft supporters, should be hiding under a rock when Stuxnet is discussed.
        Rabid Howler Monkey
      • I thought both Robert Hahn and Spock's

        replies were worth a chuckle.
        William Farrel
      • The critical flaw with the open-source model ...

        ... is that everyone assumes that all those open-source developers are altruistic and would never plant a virus, worm, or botnet, in the code they modify and distribute.

        The second flaw is that while the model might foster innovation, this also leads to incompatibility no less frustrating than the incompatibilities between commercial titles.
        M Wagner
      • Wagner: Now why would...

        ...an open source developer whose name is known destroy his reputation by deliberately creating and distributing a trojan horse?

        There's a good reason why virus writers are anonymous.
        John L. Ries
    • Yeah, keep telling yourself that...

      nt
      mlashinsky@...
  • News?

    I thought it was already well known where this 'virus' came from. What is the news?

    Moral: never run windows in critical environments.
    danbi
    • There was some speculation...

      ...and some accusations by Iranian government officials that appear now to have been correct.

      The sad thing is, that given the importance of preventing Iran from developing nuclear weapons, I might well have authorized the program if I had been President.

      Reply to Lerianis10:

      "Conservative astroturfing"? You'll have to converse with Adornoe on that one. I'm not all that conservative (as our more Conservative friends will attest) and since nobody is prompting me to talkback except me, and the opinions expressed really are mine, it's not astroturfing.

      The problem with Iran (and North Korea) having nuclear weapons is that the current regime is highly likely to use them aggressively. It would be better to reduce the nuclear club to zero, but I don't see that happening any time soon, so I think it's prudent policy to keep it from getting any bigger and to severely discourage those who do have nukes from using them against us or anyone else.

      Surely you don't agree with Mao Tse-Tung that all countries should have nuclear weapons.

      One thing to consider: The Iranian government has been an avowed enemy of the U.S. ever since the Islamic revolution of 1979. The current president is suspected of having been one of the hostage takers of 1979-1980. There is good reason to believe that the Iranians would happily detonate an H-bomb in the U.S. if they could manage it. I really don't want the Iranians to have nuclear weapons.
      John L. Ries
      • Why is it 'so important'?

        The bottom line is that Iran having nuclear weapons would be no better and no worse than North Korea, Russia, China, etc. having them.

        Stop with the "America is the only ones who can be trusted with nuclear weapons" conservative astroturfing.
        Lerianis10
  • Home of Glass?

    Those who have homes made of glass should not throw stones!

    US has the most widespread internet economy. If a cyberwar (or Cyber-terrorism in this case) takes place US is the one who will suffer more.
    wmac1
    • What are you talking about? US military and govt systems are already

      attacked hundreds of times a day by foreign nation states. Same for US public infrastructure and corporate systems. This has been going on for many years already.
      Johnny Vegas
      • Apples and oranges, Johnny

        The attacks that you refer to involve the theft or attempted theft of various types of information. The word 'espionage' comes to mind.

        What sets Stuxnet apart is that it was designed to cause damage to a facility, specifically damage to centrifuges operating within a facility. This is not espionage. It's the equivalent of agents hostile to Iran infiltrating the facility, planting explosives and setting off the explosives with the express purpose of causing damage to the facility.

        What's scary are the following scenarios (as examples):
        o damaging compressors at a natural gas compressor plant, resulting in a fire and disruption of natural gas service (imagine this in Minneapolis, MN, in January)
        o damaging a power generation utility, causing disruption of electrical service (imagine this in Phoenix, AZ, in August)
        o damaging a chemical plant resulting in the release of dangerous chemicals (think of what happened to local residents at Union Carbide's Bhopal, India, facility)
        o damaging a petroleum refinery causing a major fire, extensive damage and loss of capacity to produce gasoline, jet fuel, etc.
        o taking control of a train in a highly populated city at rush hour

        Stuxnet has raised the stakes considerably beyond espionage.
        Rabid Howler Monkey
  • since when do the feds release top secrets?

    i'm not convinced we are getting all the facts and the truth. it's very rare (if ever) that secrets are released by the white house and provided to news reporters.

    when such stories are provided by the feds to the new york times, it has always been a deliberate intent of providing "disinformation"

    so, i can safely be assured that what the new york times and the blogging world are reporting, is far from the real truth and maybe a red herring by the feds.
    databaseben
    • They're called "leaks"

      Something that every U.S. President since at least Richard Nixon has struggled with (don't know if LBJ had that problem or not, but I wouldn't be surprised if he did).

      Reply to Rabid Howler Monkey:

      It's possible that this is a deliberate leak, but I certainly wouldn't have recommended it if I were one of President Obama's political advisors. From a PR perspective, it's more likely to hurt the current administration politically than it is to help it.
      John L. Ries
      • RE: They're called "leaks"

        "Something that every U.S. President since at least Richard Nixon has struggled with"

        Sometimes the White House is behind the leaks. This being an election year for the U.S. President and Iran always (in recent history) being a popular country to demonize, I believe it possible that the White House is behind this story (if not, they may still be fine with it leaking). It makes Obama appear hawkish on Iran, which will help to befuddle the Republicans' efforts to make him look dovish and, ultimately, give him more votes than take away. IMO there's really no need for the White House to confirm or deny this story from an election perspective.
        Rabid Howler Monkey
      • Rabid Howler Monkey

        You'll also notice how there was a deliberate reference to Bush. In case the Muslim community gets up Hussein can always blame Bush. Look how well it worked after the Democrats caused the Economy to fail the last time.
        Jumpin Jack Flash