Stuxnet Redux

     On December 4th of last year RAMPARTS looked at a new form of cyber warfare, the STUXNET virus, that was used to cripple Iran’s drive toward achieving a viable nuclear device. Although no identifiable connections with intelligence services were noted at the time of the initial report, the complexity of the computer virus suggested a tie to sophisticated computer experts of the highest order. How do you devise a destructive computer program that creates havoc with critical performance measures, yet hides the damage being done from all view? A must-read report in the New York Times by reporters Broad, Markoff, and Sanger begins to connect the dots on what has all the elements of the best spy stories of the 1960s. We are beginning to see the spider’s web of intelligence agencies at work to frustrate Iran’s goal of becoming a nuclear menace; we just don’t know yet who played the James Bond role. We can, however, enjoy the elements of a great mystery story in the making, on the level of John le Carré and Ian Fleming.

     1) Israel, the named target of Iran’s rage, which the president of Iran has repeatedly vowed to “erase off the map”, has a special and urgent calling to prevent access to nuclear weapons by its avowed enemy. During the Bush administration, it asks for access to military weapons capable of penetrating and destroying Iran’s underground nuclear facilities, to be potentially used in a military attack. It is denied.

     2) The critical component of a nuclear program is the ability to produce weapons grade plutonium by centrifugation. A weapons spy thief of the first order, A.Q. Khan of Pakistan, working in the Netherlands in the 1970s, steals plans of a working centrifuge, the P-1, initiating Pakistan’s successful nuclear weapon program. He then proliferates the technology to radical states such as North Korea, Iran, and Libya, allowing their dictators to develop their own programs.

     3) President George W. Bush in 2003 achieves a secondary windfall in the overthrow of Saddam Hussein in Iraq, as Muammar al-Gaddafi in Libya decides it is not worth the wrath of the United States to continue his weapons program and turns his program over to the United States, and with it, several P-1 centrifuges. The centrifuges are studied by American intelligence services to note their capacities and their vulnerabilities.

     4) Israel succeeds at developing a testing process to mimic the Iranian nuclear facilities and determine the means by which a cyber attack could be contemplated.

     5) The German multinational corporation Siemens, designer of the intricate software programs that oversee the Iranian nuclear facilities at Natanz, came to the United States in 2008 to have experts review potential vulnerabilities to cyberattack of its Process Control System 7, the software responsible for coordinating the multiple centrifuges required to achieve satisfactory weapons grade plutonium. It appears the vulnerabilities were adequately understood by both sides.

     6) In 2010, two critical scientists in the Iranian nuclear program are assassinated in Tehran, further preventing the adjustment of the nuclear program done by STUXNET.

     7) President Bush in 2008 approves a program of cyber subterfuge against the nuclear facilities in Iran, accelerated by President Obama. It is not known if STUXNET was directly associated with this program.

     8) It appears that some time in 2008 or 2009, “James Bond” succeeded in infiltrating the computer systems at Natanz, Iran and released the STUXNET virus, disabling multiple centrifuges without the damage being arrested until a significant number of the centrifuges had to be taken off line. It is estimated this delayed the success of the program as much as three years, and it clearly identifies why Israel remained militarily passive against the Iranian threat last year when all signs pointed to an approaching “high noon” moment.

     The multi-layered saga of Iran’s nuclear ambitions and the world’s resolve to stop Iran without a military cataclysm continues to fascinate. The New York Times has managed to bring together a potential narrative as to what is happening, but large elements are missing and may never be known. Who devised STUXNET, and who succeeded in infiltrating the Iranian facilities? Given the instability in Iran, was this potentially an “inside” job? What is the true extent of the damage, and what is being done to prevent Iranian response and recovery? Who else is involved from a world perspective, and what is their role?

     Man, this is getting good…
