Pages

19 February 2016

New Film Explores US-Israeli Development of STUXNET Virus and the Cyber Attack on the Computers of Iran’s Nuclear Plants

Yossi Melman

February 16, 2016

Exclusive: Israel’s rash behavior blew operation to sabotage Iran’s computers, US officials say
“Zero Days,” Alex Gibney’s film premiering at the Berlin Film Festival, explores the joint US-Israeli operation to develop the Stuxnet virus and sabotage Iran’s nuclear program.

Gen. Michael Hayden, former head of both the CIA and the NSA, claims the goal of a potential Israeli strike on Iran would be to drag the US into war.

Hayden made the remarks in a documentary film premiering this week at the Berlin International Film Festival. The film also quotes other sources in the US intelligence community who accuse Israel of disrupting a joint covert operation to sabotage computers used in Iran’s nuclear program by acting rashly and in opposition to agreed-upon plans. As a result, hundreds of millions of dollars that were invested in the operation went to waste.

The film, Zero Days, was directed by Alex Gibney, whose film Taxi to the Dark Side won the Academy Award for Best Documentary Feature in 2008.


The film contains testimony from NSA and CIA operatives who worked together with Israeli colleagues – from the 8200 Military Intelligence Unit and Mossad – to develop several versions of a deadly virus that penetrated computers at the uranium enrichment facility at Natanz in Iran. The testimony is delivered anonymously by an actress whose face remains hidden.

Iranian soldiers stand guard on an anti-aircraft machine gun inside the Natanz uranium enrichment facility, 322km (200 miles) south of Iran’s capital Tehran March 9, 2006 (Reuters)

According to the claims in the film, the hasty Israeli action prevented the carrying out of a number of further planned actions that were intended to sabotage computers at a second, more fortified uranium enrichment facility at Fordow. The film also reveals another planned cyber unit covert operation code-named NZ (Nitro Zeus).

“We spent millions on this operation to sabotage all of the computers of the Iranian infrastructure in the instance of a war,” a source quoted in the film said. “We penetrated the government, electricity lines, power stations and most of the infrastructure in Iran.”

The deadly virus that was implanted at Natanz was named “Stuxnet” by computer security experts, but it had a different name among the Israeli and American intelligence communities that was not revealed in the film. The codename of the entire operation, as was revealed byNew York Times’ journalist David E. Sanger, was “Olympic Games.” Conventional wisdom holds that the implanting of the virus marked the first time that a country, or two countries in this case (the US and Israel), engaged in cyber warfare against another country (Iran). Up until then, the majority of attacks were carried out by individual hackers for their own enjoyment or for political purposes, by criminals for the purposes of fraud and thievery, or by companies engaged in industrial and commercial espionage.

US Vice President Joe Biden was quoted in the film as saying in a meeting that the Israelis “changed the code” of the deadly virus’s software. As a result, in opposition to the plan, the virus spread from nuclear program computers to many other computers in Iran, and from there, to computers around the world, even harming the computers of American companies. The unplanned spread of the virus led to the exposing of the operation and enabled the Iranians, with the help of information security experts from Belarus and Russia, to invent a “vaccine” for their computers to better defend the nuclear program.

According to the film, the premature exposure of the operation caused by Israel’s action’s also caused the virus software, which was among the most classified and most advanced in the world, to leak to Russian and Iranian intelligence.

“Ironically,” it is said in the film, “the secret formula for writing the code for the virus software fell into the hands of Russia and Iran – the country against which it was developed.”

US Air Force Gen. Michael Hayden, Director of the CIA, addresses reporters as he arrives for a closed-door session with the House Select Committee on Intelligence at the Capitol in Washington, December 12, 2007 (Reuters)

The development of Stuxnet and the planning of Operation Olympic Games began in 2006, during George W. Bush’s term as president, who wanted to thwart the Iranian nuclear program. Hayden, who was alternately the head of the NSA and the head of the CIA for 10 years starting in 1999, reveals in the film that “President Bush did not want to be left with the choice of ‘ to bomb or be bombed.’”

According to the film, experts from both countries came up with the idea to try to sabotage Iran’s nuclear facilities, and in particular their computers. Pictures of then-Iranian president Mahmoud Ahmadinejad’s visit to the Natanz facility helped the experts obtain needed intelligence on the computers. The computers, their configuration and their rear connections can be seen clearly in the pictures. Eventually, these entry and exit points served as portals to implant the virus.

Iranian nuclear experts accompanied Ahmadinejad on his tour of the facility. One of those photographed at Ahmadinejad’s side was assassinated a few years later, in an operation that was attributed to the Mossad.

On Bush’s orders, exact replicas of the centrifuges were built at the national laboratories in Oak Ridge, Tennessee, which is also used to produce nuclear weapons, and at Israel’s nuclear reactor in Dimona. The deadly virus was implanted in the centrifuges and their rotors were damaged and broken. Intelligence operatives brought the broken rotors to the White House situation room, showed them to President Bush and demonstrated for him the action. Bush was impressed, saying, “Go and try.” He ordered a greater investment in offensive, covert cyber warfare and approved the operation.

Iranian President Mahmoud Ahmadinejad © visits the Natanz nuclear enrichment facility, 350 km (217 miles) south of Tehran, April 8, 2008 (Reuters)

According to the film, offensive cyber warfare against Iran was increased even more during Barack Obama’s term, who feared that Israel under the leadership of Prime Minister Benjamin Netanyahu and then-defense minister Ehud Barak would take military action against the Islamic Republic. Hayden reveals in the film that America’s fear was that “the real goal of an Israeli attack [against the nuclear facilities in Iran], would be to drag us into war,” because Israel’s own attack capabilities were limited. “Israel has an excellent air force, but it’s small. The distance is great and the facilities are spread throughout Iran.”

In order to calm Israel down, and to prove that the administration was working diligently to thwart an Iranian nuclear weapon, Obama ordered the intelligence community to increase its efforts and its cooperation with the Mossad and Unit 8200. He did so despite having some doubts about the operation. Obama expressed concern that “the Chinese and the Russians will do the same thing to us,” and insert viruses into nuclear facilities and other strategic sites in the United States. However, Obama’s greater fear was of an Israeli attack. “The goal was to gain time,” Hayden added, “in order to force Iran to come to the negotiating table.”

According to the film, British intelligence also secretly took part in the operation through the GCHQ, its unit responsible for telephone surveillance, communications interception, code-breaking and cyber warfare. “But the main partner was Israel,” the film says. “And in Israel the Mossad ran the show. 8200 provided technical help. Israel was the key to the whole story.”

Prime Minister Benjamin Netanyahu (L) speaks with Defense Minister Ehud Barak at the Knesset, June 8, 2009 (Reuters)


In the beginning, the virus acted as it was supposed to, according to the film. “As far as we knew, but they weren’t telling us everything,” an NSA source said. “The virus was implanted in the computers, probably by the Mossad, through its infiltration of two software companies in Taiwan that were working with the Iranians.”

The plan was for the virus to harm the digital and computerized electric boxes made by the German company Siemens, which were hooked up to the computers that operated the centrifuges. About a thousand of the 5,000 centrifuges were damaged without the Iranians discovering the cause of the problem.

“The plan did what it was supposed to do,” an anonymous American intelligence operative said. “The centrifuges blew up without leaving a trace.”

The sabotage operation also had a psychological goal: to instill in the Iranian leadership and in the community of scientists a feeling that they were helpless and did not understand what was happening. An additional goal was to drive a wedge between the political and military leadership, and the scientists. And indeed, the Iranians accused their experts of failure, began firing them and threatened them.

According to testimony gathered by the film’s producers, several hundred programmers, mathematicians and computer engineers worked in Tailored Access Operations (TAO) teams at CIA headquarters and the cyber command in Fort Meade, Maryland. Only these teams were authorized to infiltrate computers outside of the US, including those in Iran.

The sources quoted in the film say the US and Israel developed a few different versions of the Stuxnet virus. Each new version was more powerful than its predecessor. The idea was to gradually implant increasingly stronger versions of the virus. In addition, it was established that each country had the right to act independently, as long as it informed the other of its actions. However, according to the film, as a result of pressure from Netanyahu on the chief of the Mossad to “show results,” it was decided in Israel to use the most deadly version of the virus prematurely.

“We operated at a low profile,” an NSA source said. “The Israelis, on the other hand, constantly pushed to be more aggressive.” In this way, after the strongest version of the virus was implanted in order to increase the force of the damage to the centrifuges at Natanz, the virus, according to German information security expert Ralph Langer, began to “jump from computer to computer,” until it was out of control and unintentionally spread to thousands of computers, networks and systems, including computers in the United States.

“Our friends from Israel took a weapon that we developed jointly, among other things in order to defend Israel, and did something crazy with it, and actually blew the operation. We were very furious,” a source said.

US President George W. Bush walks to a meeting with EU leaders at Brdo Castle in Kranj, Slovenia, June 10, 2008 (Reuters)

The film reveals that the presidential orders of Bush and Obama to activate the cyber weapon were based on their authority to use nuclear weapons. As a result of the American-Israeli cyber warfare, Iran began to develop and to enhance its own attack tools. A few years ago, in revenge and as a message of deterrence, it attacked 30,000 computers belonging to the Saudi oil company Aramco and computers belonging to American banks.

On this backdrop, the film also delves into the philosophical-theoretical issue of the world’s need to establish international treaties and rules of what’s legal and illegal in cyber warfare, like the international conventions that govern the laws of conventional warfare.

In addition to Hayden, other US officials are interviewed in the film, including Richard Clarke, an anti-terrorism and cyber warfare consultant in the Bush, Clinton and Bush administrations, John C. Inglis, former deputy NSA chief, Gary Samore, from the National Security Council and the head of information and computer security branch of the Department of Homeland Security. The New York Times’ Sanger also served as consultant to the film’s director and producers.

On the Israeli side, interviews were conducted with former Military Intelligence chief Amos Yadlin, current National Infrastructure, Energy and Water and former Intelligence Minister Yuval Steinitz, as well as the writer of this article, who also served as a consultant on the film. Computer security experts from the American firm Semantec appear in the film, as well as the German expert Ralph Langer and Eugene Kaspersky, who is considered one of the most well-known computer security experts in the world. Kaspersky was formerly a Russian intelligence operative and is considered to have close ties to the Kremlin.

No comments:

Post a Comment