US and Israel Team behind Cyberwar Attack on Iran
June 2, 2012
The Washington Post recently portrayed the US as being forced to play "catch-up" in the world of Cyberwar. "Plan X, marks a new phase in the nation's fledgling military operations in cyberspace, which have focused more on protecting the Defense Department's own computer systems than on disrupting or destroying those of enemies." In fact, as the WSJ points out, the US has long been a leader (and an aggressive practitioner) in the emerging world of Cyberwar.
US Team and Israel Developed Iran Worm
Siobhan Gorman / Wall Street Journal
WASHINGTON (June 1, 2012) -- The U.S. is pursuing a wide-ranging, high-tech campaign against Iran's nuclear program that includes the cybersabotage project known as Stuxnet, which was developed by the Central Intelligence Agency in conjunction with Idaho National Laboratory, the Israeli government, and other U.S. agencies, according to people familiar with the efforts.
The covert CIA effort also includes persistent drone surveillance and cyberspying on Iranian scientists, they said.
The U.S. strategy to use technologically advanced measures against Iran illustrates how the Internet and other remote-access capabilities are facilitating spy operations deep inside denied territories.
"It's part of a larger campaign," said a former U.S. official familiar with the efforts. "It's a preferable alternative to airstrikes."
U.S. officials and their allies accuse Iran of operating an illicit nuclear enrichment program to develop atomic weapons, a charge Iran denies.
Through the administrations of President Barack Obama and his predecessor, George W. Bush, the U.S. has pursued a cyber campaign, code-named "Olympic Games," to attack the Iranian program, former officials said.
The existence of Stuxnet and the presumption of U.S. and Israeli involvement have been widely reported, even though U.S. officials have never confirmed the government's role. The code name and scope of the project and other details of the effort were reported on Friday by the New York Times in an adaptation from a coming book.
The first stage of the effort involved inserting so-called beacons into the computers running the control systems used in Iran's Natanz nuclear enrichment facility, former officials said. Beaconing is a technique U.S. cyberwar operators often use to electronically map and monitor computer systems they infiltrate, the officials said.
Then, the National Security Agency teamed up with Israeli counterparts to develop the attack code that would become known as Stuxnet, former officials said. It was introduced into the Iranian facility via a flash drive. The Stuxtnet worm was discovered by researchers in 2010 after it was inadvertently released on the Internet and turned up in computer systems in several countries, including Iran, current and former officials said.
A key element of Olympic Games which hasn't been previously disclosed was a partnership between the CIA's Information Operations Center and the Idaho National Laboratory.
Idaho National Lab has a cadre of researchers who investigate vulnerabilities in computerized control systems that run critical infrastructure. Researchers there probed the specific control system used for the Iranian enrichment program, a former U.S. official said.
"They found out how you could make them destroy themselves," the former official said.
The CIA declined to comment. The Department of Homeland Security declined to comment on behalf of Idaho National Lab, which is run by the Department of Energy but has joint programs with a number of government agencies.
Iranians have accused the U.S. and Israel of being behind the cyberattacks. The country's mission to the United Nations didn't return a call seeking comment.
Officials are looking to see whether the revelations about covert U.S. efforts to spy on and sabotage Iran's nuclear program will create new hurdles for upcoming negotiations this month on Iran's nuclear program.
White House spokesman Tommy Vietor declined to comment on U.S. efforts to counter Iran's nuclear program, but said that the focus of international talks was Iran's flouting of international requirements.
"The reason the world is united is because Iran has failed to meet its clear obligations with regard to its nuclear program," he said. Until Iran complies with nonproliferation obligations, he added, "they will continue to be isolated, and nothing can change that except for concrete steps by the Iranians."
Write to Siobhan Gorman at firstname.lastname@example.org
A version of this article appeared June 2, 2012, on page A10 in the U.S. edition of The Wall Street Journal, with the headline: U.S. Team And Israel Developed Iran Worm.
Cyber-warfare Gets Big Pentagon Push
Ellen Nakashima / Washington Post
(May 31, 2012) -- The Pentagon is turning to the private sector, universities and even computer gamers as part of an ambitious effort to develop technologies to improve its cyber-warfare capabilities, launch effective attacks and withstand the likely retaliation.
The previously unreported effort, which its authors have dubbed Plan X, marks a new phase in the nation's fledgling military operations in cyberspace, which have focused more on protecting the Defense Department's own computer systems than on disrupting or destroying those of enemies.
Plan X is a project of the Defense Advanced Research Projects Agency, a Pentagon agency that focuses on experimental efforts and has a key role in harnessing computing power to help the military wage war more effectively.
"If they can do it, it's a really big deal," said Herbert Lin, a cyber-expert with the National Research Council of the National Academy of Sciences. "If they achieve it, they're talking about being able to dominate the digital battlefield just like they do the traditional battlefield."
Cyber-warfare conjures images of smoking servers, downed electrical systems and exploding industrial plants, but military officials say cyber-weapons are unlikely to be used on their own. Instead, they would support conventional attacks, by blinding an enemy to an impending air strike, for example, or disabling a foe's communications system during battle.
The five-year, $110 million research program will begin seeking proposals this summer. Among the goals will be the creation of an advanced map that details the entirety of cyberspace -- a global domain that includes tens of billions of computers and other devices -- and updates itself continuously. Such a map would help commanders identify targets and disable them using computer code delivered through the Internet or other means.
Another goal is the creation of a new, robust operating system capable of both launching attacks and surviving counterattacks. Officials say this would be the cyberspace equivalent of an armored tank; they compare existing computer operating systems to sport utility vehicles -- well-suited to peaceful highways but too vulnerable to work on battlefields.
The architects of Plan X also hope to develop systems that could give commanders the ability to carry out speed-of-light attacks and counterattacks using pre-planned scenarios that do not involve human operators manually typing in code - a process considered much too slow. Officials compare this to flying an 5airplane on autopilot along predetermined routes.
It makes sense "to take this on right now," said Richard George, a former National Security Agency cyber-defense official. "Other countries are preparing for a cyber-war. If we're not pushing the envelope in cyber, somebody else will."
The shift in focus is significant, said officials from the Pentagon agency, known by its acronym DARPA. Cyber-operations are rooted in the shadowy world of intelligence gathering and electronic spying organizations such as the National Security Agency.
Unlike espionage, military cyber-attacks would be aimed at achieving a physical effect - disrupting or shutting down a computer, for example - and probably would be carried out by U.S. Cyber Command, the organization that was launched in 2010.
(c) 2012 Hearst Communications Inc.