[LACNIC/Seguridad] InformationWeek: Stuxnet Launched By United States And Israel

Fernando Gont fernando en gont.com.ar
Mar Jun 5 03:25:28 BRT 2012



Stuxnet Launched By United States And Israel

White House officials confirmed that the Stuxnet virus was a joint
project between the two countries, designed to set back Iran's ability
to create weapons-grade uranium.
-- By Mathew J. Schwartz

The pioneering Stuxnet virus that attacked Iran was built just as many
security experts had predicted: In a joint effort by the governments of
the United States and Israel.

Those revelations surfaced Friday in The New York Times, in a story
written by David Sanger, who had been conducting research for his
forthcoming book, Confront and Conceal: Obama's Secret Wars and
Surprising Use of American Power.

"This account of the American and Israeli effort to undermine the
Iranian nuclear program is based on interviews over the past 18 months
with current and former American, European, and Israeli officials
involved in the program, as well as a range of outside experts,"
reported Sanger. "None would allow their names to be used because the
effort remains highly classified, and parts of it continue to this day."

Officials said that Stuxnet was developed as part of a classified
program codenamed "Olympic Games," which was begun under President Bush,
and which Obama ordered to be accelerated. As part of that program,
malware was developed to first create a blueprint of an Iranian nuclear
facility at Natanz. As fears of Israel launching an airstrike against
Iranian facilities increased, the administration opted to make Israel
part of the Olympic Games program. The Israelis worked with the National
Security Agency to design Stuxnet, which was introduced into the Natanz
facility via USB drives by spies and unwitting employees.

But in 2010, reported Sanger, an error in the code led to the virus
spreading outside of the Natanz facility, at which point it began
infecting PCs worldwide.

Stuxnet broke new malware ground because the complex application was
designed for the sole purpose of sabotaging the high-frequency convertor
drives used by the uranium enrichment facility at Natanz. That made it
the first known virus to disable physical equipment. The virus managed
to disable 1,000 of the 5,000 such drives Iran had in use at the time,
delaying its uranium-enrichment program by 18 months to 2 years,
according to internal Obama administration estimates. Outside experts,
however, believed the resulting delays to be less substantial.

Security experts, of course, are now trying to unravel the mysteries of
the Flame malware. The espionage and information-gathering virus, first
detailed publicly on Monday, has predominantly been aimed at targets in
the Middle East and Eastern Europe.

In the wake of the Stuxnet revelations, the next logical question is:
Did the U.S. government also commission Flame?

U.S. officials told Sanger that Flame was not part of the Olympic Games
program, although they declined to comment on whether the malware had
been built by the United States. But based on code reviews, security
experts already believe that Flame was commissioned by whomever ordered
Stuxnet, although it was apparently built by a different group of

Why are the revelations over who commissioned the Stuxnet program coming
to light now, given that the virus was discovered back in June 2010?
"Obama wanted to get credit for Stuxnet as that makes him look tough
against Iran. And he needs that as Presidential elections are coming,"
tweeted Mikko Hypponen, chief research officer at F-Secure.

Furthermore, Stuxnet has arguably already served its purpose. "Stuxnet
is old news. Even the recently discovered (and much hyped) Flame malware
isn't an effective weapon today," said Graham Cluley, senior technology
consultant at Sophos, in a blog post.

But for every Stuxnet, Flame, or Duqu, how many other pieces of
espionage malware are now in circulation? "There seems little doubt that
state-sponsored cyber-weapons (if that is indeed what Stuxnet was)
continue to be developed--and chances are that it's not just the U.S.A.
and Israel who are developing them, but other developed countries,"
Cluley said.

Fernando Gont
e-mail: fernando en gont.com.ar || fgont en si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

Más información sobre la lista de distribución Seguridad