Tuesday, June 13, 2017

Obama ordered Stuxnet cyberattack in 2010 per NY Times Sanger book in 2012. Security experts said Obama wanted credit for Stuxnet cyberattack ahead of 2012 election to neutralize criticism that he was weak on Iran-UK Telegraph, 6/1/2012

.
In 2010 Obama ordered Stuxnet attack on Iran's computers. "“This is the first attack of a major nature in which a cyberattack was used to effect physical destruction,” said Michael Hayden a former director of the CIA and NSA....Commentators suggested that confirmation of American involvement in Stuxnet had been released by others to neutralise any Republican election claims that President Obama has been soft on Iran. "Obama wanted to get credit for Stuxnet, as that makes him look tough against Iran," said Mikko Hypponen, chief research officer at F-Secure, one of the security firms that have investigated Stuxnet."...

6/1/2012, "Barack Obama 'ordered Stuxnet cyber attack on Iran'," UK Telegraph, Christopher Williams

"President Barack Obama ordered the Stuxnet attack on Iran as part of a wave of cyber sabotage and espionage against the would-be nuclear power, according to a new book citing senior Washington sources."

"The computer virus, aimed at the Natanz uranium enrichment facility, was designed to damage centrifuges by making covert adjustments to the machines controlling them. 

It formed part of a "wave" of digital attacks on Iran codenamed "Olympic Games" and was created with the assistance of a secret Israeli intelligence unit, The New York Times said in a report based on a book chronicling secret wars under the Obama administration.

The report confirms the suspicions of computer security experts who detected and forensically examined Stuxnet in 2010. They reasoned that the technical expertise and human intelligence sources needed to create and deliver what was described as the "world's first cyberweapon" pointed to a joint operation by American and Israeli agencies.

Such third parties reportedly discovered Stuxnet as the result of a "programming error" that meant it spread beyond the computer network at Natanz. According to the account, President Obama asked his national security advisers whether the attack should be halted at a White House Situation Room meeting convened days after the virus "escaped", but decided to intensify it instead.

It's estimated that Stuxnet crippled around 1,000 of 5,000 Natanz centrifuges by spinning them at damagingly high speeds. 

This is the first attack of a major nature in which a cyberattack was used to effect physical destruction, said Michael Hayden a former director of the CIA and NSA, who did not reveal his own knowledge of "Olympic Games".

Commentators suggested that confirmation of American involvement in Stuxnet had been released by others to neutralise any Republican election claims that President Obama has been soft on Iran.

"Obama wanted to get credit for Stuxnet, as that makes him look tough against Iran," said Mikko Hypponen, chief research officer at F-Secure, one of the security firms that have investigated Stuxnet.

The first stage of the attack, a "beacon" designed to report back details of systems at Natanz to the National Security Agency, America's electronic intelligence agency, was however mounted speculatively under the Bush administration, according to unnamed officials. 

Confirmation of American involvement in Stuxnet comes as computer security experts begin to unpick an even more complicated virus, Flame, which was detected last month and also appears to target Iran. It is written for espionage rather than sabotage, but like Stuxnet is passed from computer to computer by USB thumb drives, a design feature apparently meant to limit its spread and so reduce its risk of detection. 

Getting Stuxnet into Natanz therefore required a worker at the plant to carry it in on a USB thumb drive.

"That was our holy grail," one of the architects of the plan told [NY Times'] David E Sanger, the author of the new book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power.

"It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand." 

The same officials declined to say whether the United States was involved in the Flame attack, which appears to have begun five years ago, although they did say it was not part of the "Olympic Games" programme." 

.............................

In 2010 Obama authorized use of Stuxnet to attack Iran's computers:

11/13/2014, "How Obama Endangered Us All With Stuxnet," Daily Beast, Kim Zetter

"The cybersabotage campaign on Iran’s nuclear facilities didn’t just damage centrifuges. It undermined digital security everywhere."

"Stuxnet was unprecedented in that it was the first malicious code found in the wild that was built not to steal data, but to physically destroy equipment controlled by the computers it infected—in this case, the cylindrical centrifuges Iran uses to enrich uranium gas. 

Much has been said about Stuxnet in the years since its discovery.

But little of that talk has focused on how use of the digital weapon undermined Obama’s stated priority of protecting critical infrastructure, placed that vulnerable infrastructure in the crosshairs of retaliatory attacks, and illuminated our country’s often-contradictory policies on cyberwarfare and critical infrastructure security."...






 ...............

No comments: