Behind U.S. & Israel’s cyber warfare on Iran

Published Jun 15, 2012 8:43 PM

The United States, with some essential aid from Israel, has been waging cyberwar against Iran for the past three years. Reports from anonymous U.S. officials claim this attack has disabled 984 centrifuges in Iran’s Natanz uranium enrichment facility by causing them to spin erratically.

Corporate media are claiming that this attack was a serious blow to Iran’s capacity to enrich uranium. The International Atomic Energy Agency released records, however, showing that Iran maintained its production of enriched uranium. Some speculate production kept up because the Iranians ran their remaining centrifuges faster.

These attacks were carried out by malware, which is the computer industry’s term for “malicious software.” This particular malware, called Stuxnet, had to be inserted into the programs that control this and many other industrial facilities.

The German company Siemens developed these control programs, which run under various versions of the Windows operating system from U.S.-based Microsoft.

Carrying out this attack with software makes it easier for Washington and Tel Aviv to deny any connection with the damage it causes. It still destroys Iranian facilities just like a bomb would. But there are no aircraft flying over Muslim countries, no explosions and smashed buildings, just shattered centrifuges.

The Pentagon has formally concluded that computer sabotage coming from another country and directed against the U.S. can be found to be an act of war. Such cyber attacks theoretically pose a significant threat to U.S. nuclear reactors, subways or pipelines, although up to now it is mainly the U.S. that is using cyber warfare.

A Pentagon official described to the Wall Street Journal on May 31 the bellicose consequences of attacking the U.S. in this way: “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.”

While the U.S. used this particular malware against Natanz, Russia’s ambassador to NATO, Dmitry Rogozin, said the virus also hit the computer system at Iran’s Bushehr nuclear reactor.

“This virus, which is very toxic, very dangerous, could have very serious implications,” he said. Comparing the malware’s impact to explosive mines, he went on to assert, “These ‘mines’ could lead to a new Chernobyl.” The 1986 nuclear accident at Chernobyl is the most serious nuclear disaster the world has suffered to date. (Reuters, Jan. 26, 2011)

The Republicans have confirmed the accuracy of the revelations about the Stuxnet malware and the highly secret Olympic Games project to develop cyber weapons by demanding that the Justice Department appoint a special prosecutor to investigate how this information leaked to the New York Times reporter, David Sanger. Sanger just published a book, “Confront and Conceal,” which sums up the reporting the Times has done.

According to “Confront and Conceal,” Stuxnet was designed to be spread by a USB thumb drive, a small device that can be inserted into computers to transfer information and code. While U.S. cyberwarmakers designed and wrote the code for Stuxnet, it was Israeli intelligence that had the agents on the ground with the connections to get the USB drive into the hands of a system engineer who would attach it — perhaps unwittingly — to the Siemens controllers. These controllers had absolutely no security in place.

The Iranian engineers relied on an “air gap” to protect their controllers. That is, there was no physical connection to the Internet. According to Sanger’s book, the U.S./Israeli cyber attackers crossed that air gap with the thumb drive.

What let Stuxnet “escape to the wild,” which is what security engineers call malware spreading unplanned to the Internet, was some engineer attaching a laptop to the controller network. Stuxnet then infected the laptop, and when the laptop was later attached to the Internet, Stuxnet spread wildly.

Brian Krebs (krebsonsecurity.com) wrote a careful description of this worm in 2010, pointing out that the first fixes to plug the holes in Windows used by this worm were incomplete. But once the worm was known, any reasonably competent hacker could probably exploit these holes.

The Department of Homeland Security had been investigating how to protect Siemens controller software because it is extensively used in U.S. industry, and the agency did its testing just a few miles away from the lab where the cyber attacks were being perfected (“Confront and Conceal,” p. 209). While no connection can be established, the opportunity was certainly present.

An attack, whether by bombs or software, is still an attack and part of U.S. imperialism’s attempt to dominate the world.