Feb 17, 2016
Stuxnet was only a small virus, the US had bigger weapons
Oscar-winning director Alex Gibney will be premiering today his latest documentary at the Berlin film festival. The documentary is called "Zero Days" and is an investigation into a top-secret US plan dubbed NITRO ZEUS.
A copy of the documentary has been provided to BuzzFeed, along with other US-based media agencies, who report that things go much deeper than the Stuxnet attack against Iran's nuclear facilities.
According to Mr. Gibney, Stuxnet was initially developed by US cyber-intelligence agencies as a way to infiltrate multiple industrial control systems. It was a generic threat that could target far more than just nuclear facilities.
It all started with Stuxnet
The Stuxnet worm was shared with Israel's intelligence agencies, who modified it on their own and in 2009 deployed it against Iranian targets without the US' consent.
The worm was carried inside Iranian nuclear power plants via a USB stick and ended up sabotaging 20% of the centrifuges used for separating nuclear material in the country.
The incident became public as the worm spread to more than 115 countries and cyber-security vendors started picking it using their endpoint solutions, eventually breaking down its code and tracing it back to US and Israel state agencies.
According to Mr. Gibney's investigation and citing sources inside the US intelligence community, the US spent a lot of resources to secretly hack into various targets, only to clean up after Stuxnet in an attempt to quarantine the infection and hide its tracks.
Stuxnet was only a small part of the US cyber war plan against Iran
The whole Stuxnet incident is known in US intelligence work as Operation Olympic Games, which is part of a bigger plan called NITRO ZEUS. Details about this second operation are kept only on a need-to-know basis.
Nevertheless, sources say to Mr. Gibney that NITRO ZEUS is a complete cyber war plan put together against Iran but that could be ported and adapted to any target.
The US Cyber Command and the NSA were in charge of NITRO ZEUS, which was run from the Remote Operations Center (ROC) in Fort Meade, Maryland.
For years, operation NITRO ZEUS had US hackers break into Iran's most critical infrastructure using zero-days to implant viruses and backdoors that could be leveraged at any minute.
The operation even included ground agents in Iran who would infect targets that were off the grid and would then visit them on a daily/nightly basis to make sure they still had access to the target and their malicious code was still present.
NITRO ZEUS was meant for wartime deployment
Mr. Gibeny says that information on NITRO ZEUS has been confirmed by five different sources from the intelligence community.
NITRO ZEUS was never supposed to be put into motion in the first place, the documentary reveals. The plan was only a wartime scenario, one in which US hackers would attack and cripple Iran's energy grid, transportation, air defense, and other industrial facilities if the situation evolved to the point to require US troop intervention in the country.
Sources say the US spent hundreds of millions of dollars on NITRO ZEUS, which employed hundreds of hackers at its Fort Meade headquarters.
The documentary's director, Mr. Gibney, says that NITRO ZEUS is "likely the largest and most complex cyber war plan the U.S. has ever created."
No comments:
Post a Comment