Remember when “someone” used the Stuxnet virus, or rather worm, in an Iranian nuclear plant several years ago to freeze Iranian nuclear production, leading to a major diplomatic scandal involving the spy agencies of both the US and Israel, as the world learned that in the present day industrial sabotage only needed a flash drive and a computer virus to render even the most sophisticated piece of industrial machinery obsolete? Well, moments ago, Bloomberg reported that a computer virus was discovered in a German nuclear power plant.
The super worm known as Stuxnet was but a cog in an active US war program in which hundreds of thousands of network implants and backdoors in Iran networks were actively maintained to facilitate a devastating barrage of hacking attacks, a documentary claims.
Zero Days, due to screen at the Berlin Film Festival today, claims that Stuxnet was just one part of an operation called “Olympic Games” that is itself part of a wider effort dubbed “Nitro Zeus” that involves hundreds of US defence personnel.
– America and Israel Created a Monster Computer Virus Which Now Threatens Nuclear Reactors Worldwide (Washington’s Blog, Nov 12, 2013):
Even Threatens the International Space Station
In their obsession to stop Iran from developing nuclear weapons, the U.S. and Israel created a computer virus (called “Stuxnet”) to take out Iran’s nuclear enrichment machinery.
The virus appears to have spread to other countries.
One of the world’s top computer security experts – Eugene Kaspersky – said this week that the virus has attacked a Russian nuclear reactor. As The Register notes:
Inside Fort Meade, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings—the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras. To block any telltale electromagnetic signals from escaping, the inner walls of the buildings are wrapped in protective copper shielding and the one-way windows are embedded with a fine copper mesh.
This is the undisputed domain of General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army.
Schematically, Alexander’s empire consists of the following: virtually every piece in America’s information intelligence arsenal.
With his revelations exposing the extent of potential, and actual, pervasive NSA surveillance over the American population, Edward Snowden has done a great service for the public by finally forcing it to answer the question: is having Big Brother peek at every private communication and electronic information, a fair exchange for the alleged benefit of the state’s security. Alas, without further action from a population that appears largely numb and apathetic to disclosures that until recently would have sparked mass protests and toppled presidents, the best we can hope for within a political regime that has hijacked the democratic process, is some intense introspection as to what the concept of “America” truly means.
However, and more importantly, what Snowden’s revelations have confirmed, is that behind the scenes, America is now actively engaged in a new kind of war: an unprecedented cyber war, where collecting, deciphering, intercepting, and abusing information is the only thing that matters and leads to unprecedented power, and where enemies both foreign and domestic may be targeted without due process based on a lowly analyst’s “whim.”
It has also put the spotlight on the man who, until recently deep in the shadows, has been responsible for building America’s secret, absolutely massive cyber army, which according to a just-released Wired profile is “capable of launching devastating cyberattacks. Now it’s ready to unleash hell.”
Meet General Keith Alexander, “a man few even in Washington would likely recognize”, which is troubling because Alexander is now quite possibly the most powerful person in the world, that nobody talks about. Which is just the way he likes it.
– Secret rules to let Obama order ‘pre-emptive’ cyber attacks (PressTV, Feb 4, 2013):
A secret legal review on the use of America’s growing arsenal of cyberweapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad, according to officials involved in the review.
That decision is among several reached in recent months as the administration moves, in the next few weeks, to approve the nation’s first rules for how the military can defend, or retaliate, against a major cyberattack.
New policies will also govern how the intelligence agencies can carry out searches of faraway computer networks for signs of potential attacks on the United States and, if the president approves, attack adversaries by injecting them with destructive code – even if there is no declared war.
– “The Worm Turns” As Chevron ‘Infected’ By Stuxnet Collateral Damage (ZeroHedge, Nov 10, 2012):
“I don’t think the US government even realized how far it had spread” is how the collateral damage from the Iran-attacking Stuxnet computer virus is described by Chevron. The sleepy San-Ramon-based oil giant admitted this week that from 2010 on “we’re finding it in our systems and so are other companies… so now we have to deal with it.” It would seem that little consideration was given to just how viral this cyber warfare tactic has become, and this news (reported by Russia Today) is the first time a US company has come clean about the accidental infection. Discovered in 2010, the Stuxnet worm was reported with all but certainty to be the creation of the United States, perhaps with the assistance of Israel, to set back Iran’s nuclear enrichment program as a preemptive measure against an eventual war. In a June 2012 article published by The New York Times, government agents with direct knowledge of Stuxnet claimed that first President George W. Bush, then Barack Obama, oversaw the deployment of the worm as part of a well-crafted cyberassault on Iran. On the record, the federal government maintains ignorance on the subject of Stuxnet, but perhaps Chevron sums up the impact of Stuxnet best (given the escalating Iranian enrichment program): “I think the downside of what they did is going to be far worse than what they actually accomplished.”
Via Russia Today:
America’s cyberwar is already seeing collateral damage, and it’s hitting the country’s own billion-dollar companies. Oil giants Chevron say the Stuxnet computer virus made by the US to target Iran infected their systems as well.
– Feds Look to Fight Leaks With ‘Fog of Disinformation’ (Wired, July 3, 2012):
Pentagon-funded researchers have come up with a new plan for busting leakers: Spot them by how they search, and then entice the secret-spillers with decoy documents that will give them away.
Computer scientists call it “Fog Computing” — a play on today’s cloud computing craze. And in a recent paper for Darpa, the Pentagon’s premier research arm, researchers say they’ve built “a prototype for automatically generating and distributing believable misinformation … and then tracking access and attempted misuse of it. We call this ‘disinformation technology.’”
– Flame Steals Data Even When Computers Are Not Connected to the Internet (Occupy Corporatism, June 13, 2012):
Experts specializing in malware from Bitdefender have uncovered a special capability in Flame’s code that allows the virus to steal data from computers that are not connected to the internet or networked machines.
Flame can move stolen data to a USB memory stick plugged into an infected hard drive. Bitdefender assert that this ability has never been witnessed before. This cyberespionage virus will move stolen information to a USB outlet, then seemingly wait for the chance to upload it to the malware controllers once the infected computer links to the internet.
– Flame virus, most sophisticated malicious code ever seen, was developed by U.S. government (Natural News, June 12, 2012):
Anyone who has spent longer than a day on a computer knows how dangerous to your hard drive malware and other malicious code can be. Most of us have fallen victim to one or the other and have cursed the day the hacker who developed it was born.
Now, according to reports, some of the most sophisticated malicious code ever developed is a product of the United States government, leaving more than a few tech experts and analysts concerned that maybe now, Washington has become a bigger info-terrorist than some of the country’s worst enemies.
– Nations must talk to halt “cyber terrorism”: Kaspersky (Reuters, June 6, 2012):
Eugene Kaspersky, whose lab discovered the Flame virus that has attacked computers in Iran and elsewhere in the Middle East, said on Wednesday only a global effort could stop a new era of “cyber terrorism”.
“It’s not cyber war, it’s cyber terrorism and I’m afraid it’s just the beginning of the game … I’m afraid it will be the end of the world as we know it,” Kaspersky told reporters at a cyber security conference in Tel Aviv.
“I’m scared, believe me,” he said.
News of the Flame virus surfaced last week. Researchers said technical evidence suggests it was built for the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear programme in 2010.
In recent months U.S. officials have become more open about the work of the United States and Israel on Stuxnet, which targeted Iran’s Natanz nuclear enrichment facility.
– Diving Into Flame, Researchers Find A Link To Stuxnet (threatpost, June 11, 2012):
Researchers digging through the code of the recently discovered Flame worm say they have come across a wealth of evidence that suggests Flame and the now-famous Stuxnet worm share a common origin.
Researchers from Kaspersky Lab say that a critical module that the Flame worm used to spread is identical to a module used by Stuxnet.a, an early variant of the Stuxnet worm that began circulating in 2009, more than a year before a later variant of the worm was discovered by antivirus researchers at the Belarussian firm VirusBlokAda. The claims are the most direct, to date, that link the Flame malware, which attacked Iranian oil facilities, with Stuxnet, which is believed to have targeted Iran’s uranium-enrichment facility at Natanz. If true, they suggest a widespread and multi-year campaign of offensive cyber attacks against multiple targets within that country.
According to the Kaspersky researchers, early versions of Stuxnet were, in fact, created out of components that were part of what they refer to as the “Flame platform”. But they believe development of the two malicious programs diverged after 2009, suggesting that two different development teams may have been working independently for a single entity to create malware with specific objectives, according to Kaspersky researchers, writing on the company’s blog, Securelist.
– Obama Ordered The “Code Stux” (ZeroHedge, May 31, 2012):
When Iran’s nuclear facilities were publicly crippled in 2011 by what then was considered a revolutionary computer virus which destroys physical equipment, many immediately assumed the virus originated in Israel for obvious reasons. They were wrong. In what can be described as the first presidentially-mandated and condoned act of cyberwarfare, one circumventing the War Powers Act of course, the NYT informs us that the order to physically impair Iranian sovereignty came from none other than the Nobel Peace prize winning president: Barack Obama.
From the NYT:
From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
Mr. Obama decided to accelerate the attacks – begun in the Bush administration and code-named Olympic Games – even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.
“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.
Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.
This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.
For those confused – yes: this is an act of war. A New Normal war.
It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.
And still America continues to wage war, subverting the constitution, without any Congressional approval, and without even telling the population what is really happening. Because it is “for its own good.”
A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.
The “New Normal Gulf of Tonkin”:
Don’t miss (Flashback)!!!:
The Wall Street Journal, citing three officials who said they had seen the document, reported Tuesday that the strategy would classify major cyber-attacks as acts of war, paving the way for possible military retaliation.
The newspaper said that the strategy was intended in part as a warning to foes that may try to sabotage the US electricity grid, subways or pipelines.
“If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” it quoted a military official as saying.
– Obama Order Sped Up Wave of Cyberattacks Against Iran (New York Times, May 1, 2012):
WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
– Confirmed: US and Israel created Stuxnet, lost control of it (Ars Technica, June 1, 2012):
In 2011, the US government rolled out its “International Strategy for Cyberspace,” which reminded us that “interconnected networks link nations more closely, so an attack on one nation’s networks may have impact far beyond its borders.” An in-depth report today from the New York Times confirms the truth of that statement as it finally lays bare the history and development of the Stuxnet virus—and how it accidentally escaped from the Iranian nuclear facility that was its target.
The article is adapted from journalist David Sanger’s forthcoming book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, and it confirms that both the US and Israeli governments developed and deployed Stuxnet. The goal of the worm was to break Iranian nuclear centrifuge equipment by issuing specific commands to the industrial control hardware responsible for their spin rate. By doing so, both governments hoped to set back the Iranian research program—and the US hoped to keep Israel from launching a pre-emptive military attack.
An antivirus expert said the virus has infected over 6 million computer accounts
A computer virus dubbed the world’s “first cyber superweapon” by experts and which may have been designed to attack Iran’s nuclear facilities has found a new target — China.
The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.
Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.
It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.
The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.
“This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data,” an engineer surnamed Wang at antivirus service provider Rising International Software told the Global Times.
“Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China’s national security,” he added.
Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.
Experts say the computer virus found in a nuclear plant is the work of a foreign power
Computers can go wrong, and everyone is used to it. But that’s at home. We assume that the machines controlling the infrastructure that makes everything tick – power stations, chemical works, water purification plants – have rock-solid defences in place to deal with unexplained crashes or virus attacks by malicious strangers.
Now, though, a new kind of online sabotage has reached its zenith with a self-replicating “worm” that started on a single USB drive and has spread rapidly through industrial computer systems around the world.
So sophisticated that many analysts believe it can only be part of a state-sponsored attack, the Stuxnet worm – or “malware” – is the first such programming creation designed with the specific intention of causing real world damage. And if the experts are right, it could herald a new chapter in the history of cyber warfare.
Stuxnet computer code designed to infect industrial plants created by well-funded hackers, says Symantec Corp expert
A powerful computer code attacking industrial facilities around the world, but mainly in Iran, was probably created by experts working for a country or a well-funded private group, according to an analysis by a leading computer security company.
The malicious code, called Stuxnet, was designed to go after several “high-value targets”, said Liam O Murchu, manager of security response operations at Symantec Corp. But both O Murchu and US government experts say there is no proof it was developed to target nuclear plants in Iran, despite recent speculation from some researchers.
Creating the malicious code required a team of as many as five to 10 highly educated and well-funded hackers. Government experts and outside analysts say they haven’t been able to determine who developed it or why.
The malware has infected as many as 45,000 computer systems around the world. Siemens AG, the company that designed the system targeted by the worm, said it has infected 15 of the industrial control plants it was apparently intended to infiltrate. It is not clear what sites were infected, but they could include water filtration, oil delivery, electrical and nuclear plants.
None of those infections has adversely affected the industrial systems, according to Siemens.