The Stuxnet virus was created by the US and Israel, according to a report today, confirming suspicions held by many in the security industry.
Stuxnet was considered to be the most sophisticated piece of malware ever created when it emerged in 2010, targeting Iranian nuclear power plant centrifuges.
According to participants in the programme, Stuxnet was actually classed as a botched operation when the US government let it get out in the open. After Stuxnet “escaped”, the US held an emergency meeting to discuss whether to shut the operation down. It was decided that the programme should press on, but use a fresh version of the worm to attack Iran’s Natanz plant.
The attack, which formed part of a campaign codenamed Olympic Games, started under President Bush, temporarily disabled 1,000 of centrifuges Iran was using to purify uranium. Stuxnet packed a powerful punch, as it was able to exploit four zero-day vulnerabilities at once – something that was unprecedented at the time.
The information on the Stuxnet operation was discovered following interviews with current and former American, European and Israeli officials, indicating Europe was also involved.
Although the operation was led by the US agencies, Israeli Unit 8200, a part of its military forces, was brought in because of its strong technical skills. This was also done because the Americans feared a pre-emptive strike by Israel on Iran. To get Stuxnet installed on Natanz systems, the cyber-spy team had to rely on workers at the plant plugging in thumb drives left there by insider sources.
“The intent was that the failures should make them feel they were stupid, which is what happened,” said one participant in the attacks.
The information would indicate the US and Israel created Duqu too, which was designed to steal data rather than directly disrupt critical infrastructure. Duqu was believed to have been created by the same team as Stuxnet.
The Flame cyber-espionage worm, which was outed this week and is believed to be the work of a nation state, is considered by some to be the result of another US-Israel collaboration.
Israel has not officially distanced itself from the project, whilst a US source recently told MSNBC that America was involved. However, that source said he had “no first-hand knowledge” of the hit.
During the Olympic Games push, Obama expressed concerns that if the US acknowledged its use of cyber weapons, it might allow others to justify attacks on the country. US policy states that it has the right to respond with real-world attacks if it deems a cyber hit serious enough.
Are you a security expert? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
View Comments
Only four countries had the technical know-how to develop the Flame virus: "Israel, the U.S., China and Russia."
Since the virus was obviously intended for Iran, we can eliminate its friends China and Russia.
This leaves only Israel and us.
Having thoroughly demonized Iran, anything we do to it has become fair game.
But there is nothing fair or right about taking another country's data. Certainly we would not want China or Russia taking our data and spreading it to 80 separate servers.
As a leader of the world community aspiring for governance through universal fairness, we can no longer afford to follow the beaten path of expediency chosen by Israel. Doing so will not only deprive us of our moral authority, but will also squander our unique opportunity to fashion a more just and fair world.
As usual one law for them and one for the majority. Kids are being imprisoned for doing far less. Would be nice then if all governments got off their imagined high moral horses and allowed everybody to hack with impunity. See how long their secrets would stay secret.