Stuxnet Prevents Iran from Opening Bushehr

An internal report issued by Iran's intelligence services warns that due to the Stuxnet computer worm, attempts to start the Bushehr nuclear power plant could lead to the country's entire electronic grid being shut down. Iran is blaming the US and Israel.

The report, written by the Iranian Passive Defense Organization, chaired by Revolutionary Guards Gen. Gholam-Reza Jalali, states that Stuxnet has so thoroughly infected the operating systems at the Bushehr power plant that work on the plant must be halted indefinitely.

If the Bushehr power plant were to go on line, “the internal directives programmed into the structure of the virus can actually bring the generators and electrical power grid of the country to a sudden halt, creating a “heart attack type of work stoppage,” the report states.

The report was obtained by the “Green Liaison news group,” Iranian journalists affiliated with presidential candidate Mir Hussein Mousavi, and was translated into English by Reza Kahlili, a former Revolutionary Guards officer who spied on behalf of the CIA for over a decade while inside Iran.

The report claims that Stuxnet “has automatic updating capabilities in order to track and pirate information,” and that it “can destroy system hardware step-by-step."

Gen. Jalali has held two press conferences in recent weeks where he has given tantalizing glimpses into the conclusions of his top-secret task force to analyze and defuse the Stuxnet computer worm.

At one, he blamed Israel for collaborating in developing the worm and claimed that his experts had traced “reports” sent by the worm back to Texas.

“Enemies have attacked industrial infrastructure and undermined industrial production through cyberattacks. This was a hostile action against our country,” Jalali said. “If it had not been confronted in time, much material damage and human loss could have been inflicted.”

Oh - remember that new worm called Stars I reported on last week? Here's a hint of what it might do....

On Monday, Jalali claimed that his intelligence unit, which merges computer analysts from the intelligence ministry and the Revolutionary Guards intelligence service, had found a new computer virus attacking Iran’s nuclear facilities called “Stars.”

He called “Stars” an “espionage virus,” and said that it copied government files and was difficult to destroy in its early stages.

Read the whole thing. Heh.

Labels: Bushehr, Iranian nuclear program, Natanz, Reza Khalili, Stars, Stuxnet

posted by Carl in Jerusalem

Misunderstanding Israel and Stuxnet

I can't believe London's Daily Telegraph has the gall to write this kind of stuff (Hat Tip: Jihad Watch).

Separate investigations by US nuclear experts have discovered that Stuxnet worked by increasing the speed of uranium centrifuges to breaking point for short periods. At the same time it shut off safety monitoring systems, hoodwinking operators that all was normal.

Mr Parker found that this part of the attack must have been conceived by "some very talented individuals", and the other by a less talented, or more rushed, group of developers.

The element written by the first group, which was activated after Stuxnet reached its target and is known as the "payload", is very complex, well designed and effective, according to Mr Parker's analysis. He believes this is evidence of the involvment of a major Western power or powers - potentially including Britain - because they have both the scarce cyber expertise, and access to the tightly-regulated nuclear equipment necessary to test the virus.

In contrast, the way Stuxnet was distributed and its "command and control" features, which allow it to be remotely altered, include many errors and are poorly protected from surveillance.

"It's a bit like spending billions on a space shuttle and then launching it using the remote control from a £15 toy car," said Mr Parker.

...

"Either the authors did not care if the payload was discovered by the general public, they weren’t aware of these techniques, or they had other limitations, such as time," said Mr Lawson.

However, the apparently cheap wrapping of an expensive package points to Israel as the distributing power, said Mr Parker.

Have Mr. Parker or Mr. Lawson or Mr. Williams (the Telegraph reporter) compared Israel's programming skills with Britain's (or for that matter with the US's) lately?

It's a pity that no one at the Mossad is able to answer this one. What a bunch of rubbish.

Labels: Iranian nuclear program, Mossad, Stuxnet

posted by Carl in Jerusalem

Stuxnet Product of US and Israel

The New York Times is reporting in Sunday's editions that the Stuxnet computer worm was tested at Israel's Dimona nuclear facility (Hat Tip: NY Nana).

Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.

“To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”

Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program.

...

The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.

The attacks were not fully successful: Some parts of Iran’s operations ground to a halt, while others survived, according to the reports of international nuclear inspectors. Nor is it clear the attacks are over: Some experts who have examined the code believe it contains the seeds for yet more versions and assaults.

“It’s like a playbook,” said Ralph Langner, an independent computer security expert in Hamburg, Germany, who was among the first to decode Stuxnet. “Anyone who looks at it carefully can build something like it.” Mr. Langner is among the experts who expressed fear that the attack had legitimized a new form of industrial warfare, one to which the United States is also highly vulnerable.

Officially, neither American nor Israeli officials will even utter the name of the malicious computer program, much less describe any role in designing it.

...

By the accounts of a number of computer scientists, nuclear enrichment experts and former officials, the covert race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British.

The project’s political origins can be found in the last months of the Bush administration. In January 2009, The New York Times reported that Mr. Bush authorized a covert program to undermine the electrical and computer systems around Natanz, Iran’s major enrichment center. President Obama, first briefed on the program even before taking office, sped it up, according to officials familiar with the administration’s Iran strategy. So did the Israelis, other officials said. Israel has long been seeking a way to cripple Iran’s capability without triggering the opprobrium, or the war, that might follow an overt military strike of the kind they conducted against nuclear facilities in Iraq in 1981 and Syria in 2007.

Two years ago, when Israel still thought its only solution was a military one and approached Mr. Bush for the bunker-busting bombs and other equipment it believed it would need for an air attack, its officials told the White House that such a strike would set back Iran’s programs by roughly three years. Its request was turned down.

Now, Mr. Dagan’s statement suggests that Israel believes it has gained at least that much time, without mounting an attack. So does the Obama administration.

For years, Washington’s approach to Tehran’s program has been one of attempting “to put time on the clock,” a senior administration official said, even while refusing to discuss Stuxnet. “And now, we have a bit more.”

...

Dr. Cohen said his sources told him that Israel succeeded — with great difficulty — in mastering the centrifuge technology. And the American expert in nuclear intelligence, who spoke on the condition of anonymity, said the Israelis used machines of the P-1 style to test the effectiveness of Stuxnet.

The expert added that Israel worked in collaboration with the United States in targeting Iran, but that Washington was eager for “plausible deniability.”

Read the whole thing.

Heh.

Labels: Dimona nuclear reactor, Iranian nuclear program, Natanz, Stuxnet

posted by Carl in Jerusalem @ 4:17 AM

You might like:

* Different Types of Law (eHow)
* Dead nuclear scientist headed Iran's response team to Stuxnet (this site)
* Interview with Egyptian Christian Copt :: Israel Matzav (this site)
* Gabrielle Giffords was shot because she is Jewish (this site)

(Selected for you by our sponsor )

5 Comments:

At 4:35 AM, Blogger bacci40 said...

now this i can buy

the idea that israel alone created the worm, made no sense at all

At 4:49 AM, Blogger NY Nana said...

Shavua Tov, Carl

Thanks for the hat tip. Quite an article, and that al-NYT was actually not going after Israel, but seemingly decent, was nearly a bigger surprise than the co-operation between Israel and the USA with Hussein approving.

I am imagining the Iranians sitting there freaking out!

G-d bless Israel!

At 4:53 AM, Blogger Daniel said...

Why didn't the US do it?

At 6:13 AM, Blogger biorabbi said...

Fascinating article. It appears to have been a joint CIA-Mossad operation in the high-tech sphere with help from England and, curiously, Germany though their industrial know how.

What piqued my interest is that Stuxnet may not have finished its mission of rotary destruction. I think it's also smart for Israel and Washington to continue to leak out details as this will help dissent in Iran. How does it look if Iran's program cannot be protected by their regime?

The outgoing head of Mossad is a hero of mine. Job well done indeed!

At 11:02 AM, Blogger Sparky the Wonder Dog said...

"President Obama, first briefed on the program even before taking office, sped it up, according to officials familiar with the administration’s Iran strategy. So did the Israelis..."

silver lining


Post a Comment
Links to this post:

<$BlogBacklinkTitle$>
<$BlogBacklinkSnippet$>
posted by <$BlogBacklinkAuthor$> @ <$BlogBacklinkDateTime$>

Create a Link

<< Home

About Me

Name: Carl in Jerusalem
Location: Jerusalem, Israel

Spies Sabotaged Iran Nuke Program not POTUS

Jeffrey Goldberg titles his latest column regarding the prospects for a nuclear ou might like:
Iran, "A Major Victory for President Obama on Iran."

Much credit in delaying Iran goes to the unknown inventor of Stuxnet, the miracle computer virus, which has bollixed-up Iran's centrifuges; much credit goes to the Mossad and the CIA and the Brits and God knows who else, who are working separately and in tandem to subvert the Iranian program, and a great deal of credit must go to, yes, President Barack Obama, who has made stopping Iran one of his two or three main foreign policy priorities over the past two years. He did the difficult work of pulling together serious multilateral sanctions against Iran; he has convinced the Israelis -- at least he has partially convinced some Israelis -- that he has placed the prestige of his presidency behind this effort, and that he sincerely and deeply understands why it is in no one's interest to see Iran with a bomb, and he has supported, in ways that I only know the most general way, some very hard-edged counterproliferation programs, programs whose existence proves, among other things, that he is capable of real and decisive toughness. [Emphasis mine]

Unless Goldberg knows something that we don't - namely that the US under Obama is taking the lead role behind Stuxnet and the disappearance of Iranian nuclear scientists (which Goldberg doesn't really mention), he is giving Obama far too much credit for what has happened.

Without Stuxnet and without the liquidations of Iran's nuclear scientists, the sanctions would be having much less of an effect, if any at all.

And for far too long in this administration, the priority was not on stopping Iran, but on stopping Israel. If anyone deserves credit for the sanctions, it's not Obama, but the Congress, which dragged him into them kicking and screaming.

If anything, Goldberg's comments on Obama's role in Iran remind me of Homeland Security Secretary Janet Napolitano's comments on the morning after the underwear bomber last Christmas. Napolitano said "the system worked." No, the system didn't work, but we managed to avoid the problem anyway thanks to others who were vigilant about the event not happening, so it looked a little bit like the system worked.

The same is true here. The sanctions were too little and too late to stop Iran (although, if continued and intensified, they could yet help), but others - the inventors of Stuxnet, the bombers of motorcycles and the encouragers of defection - were the ones who have set Iran back.

Labels: Barack Obama, Iran sanctions regime, Iranian nuclear threat, Jeffrey Goldberg, Stuxnet

posted by Carl in Jerusalem @ 6:23 PM

Stuxnet Virus Spreading and Mutating

The Stuxnet computer worm continues to mutate and spread through industrial plant computers in Iran, including in Iran's nuclear facilities.

The Stuxnet worm is mutating and wreaking further havoc on computerised industrial equipment in Iran where about 30,000 IP addresses have already been infected, IRNA news agency reported on Monday.

"The attack is still ongoing and new versions of this virus are spreading," Hamid Alipour, deputy head of Iran's Information Technology Company, was quoted as saying by IRNA, Iran's official news agency.

Stuxnet, which was publicly identified in June, was tailored for Siemens supervisory control and data acquisition, or SCADA, systems commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

The self-replicating malware has been found lurking on Siemens systems mostly in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, according to researchers.

The hackers, who enjoyed "huge investments" from a series of foreign countries or organisations, designed the worm to exploit five different security vulnerabilities, Alipour said while insisting that Stuxnet was not a "normal" worm.

He said his company had begun the cleanup process at Iran's "sensitive centres and organisations," the report said.

Analysts say Stuxnet may have been designed to target Iran's nuclear facilities. But Iranian officials have denied the Islamic republic's first nuclear plant at Bushehr was among the addresses penetrated by the worm.

"This virus has not caused any damage to the main systems of the Bushehr power plant," Bushehr project manager Mahmoud Jafari said on Sunday.

He, however, added the worm had infected some "personal computers of the plant's personnel."

Heh.

posted by Carl in Jerusalem

Stuxnet Computer Worm Mysteries

Blake Hounshell discusses six mysteries regarding the Stuxnet computer worm that may have infected Iran's nuclear facilities. Here are some of the more interesting ones.

1. What was the target? Although the worm has affected computers in Indonesia, India, Pakistan, and elsewhere in addition to Iran, security researchers who have been pouring over Stuxnet for months say it appears aimed at a very specific target. According to Siemens, "The behavioral pattern of Stuxnet suggests that the virus is apparently only activated in plants with a specific configuration. It deliberately searches for a certain technical constellation with certain modules and certain program patterns which apply to a specific production process." Two German experts, Ralph Langner and Frank Rieger, have offered competing theories as to what that target might be, both of them in Iran, where most of the affected machines are.

Langner guesses that Stuxnet is aimed at Bushehr, Iran's civilian nuclear power plant, which is slated to go online this fall. Langner's case rests largely on the fact that Bushehr runs Siemens software and that Russian contractors would have had access to the facility -- and that they would have used USB drives to set up the system.

Rieger counters that Natanz, Iran's uranium enrichment plant, is a more likely target. Not only is it more of a proliferation threat, there's suggestive evidence that it actually may have been affected by sabotage. (More on this later.) He also points out that Natanz is more likely to have the kinds of identical nodes, in this case "cascades" or groups of centrifuges, that would be susceptible to an attack.

2. Who did it? The obvious culprit is Israel, which has both the sophisticated technology and the motive to sabotage Iran's nuclear program, which it deems a mortal threat. An eerily prescient Reuters article published in July 2009 quotes Scott Borg, a U.S. cybersecurity expert, speculating that Israel might want to do so, adding that "a contaminated USB stick would be enough" to cause real damage to Iranian facilities.

Other countries, such as the United States, China, and Russia, probably have the capability, but only one -- the United States -- has a clear motive (some might add France and Germany to this list). One could spin complicated theories as to why Russia would want to sabotage its own facility, but Occam's Razor probably applies here -- and other reporting has indicated that the United States and Israel have, in fact, approved a covert sabotage campaign that may include a cyber component.

You think WE - the world's biggest experts on cybersecurity - would do something like that? Hmmm.

posted by Carl in Jerusalem

Stuxnet Malware Infests Iran Nuclear Facility

The Stuxnet worm has hit the Bushehr nuclear plant.

A complex computer worm capable of seizing control of industrial plants has affected the personal computers of staff working at Iran's first nuclear power station weeks before the facility is to go online, the official news agency reported Sunday.

The project manager at the Bushehr nuclear plant, Mahmoud Jafari, said a team is trying to remove the malware from several affected computers, though it "has not caused any damage to major systems of the plant," the IRNA news agency reported.

It was the first sign that the malicious computer code, dubbed Stuxnet, which has spread to many industries in Iran, has also affected equipment linked to the country's nuclear program, which is at the core of the dispute between Tehran and Western powers like the United States.

...

In a sign of the high-level concern in Iran, experts from the country's nuclear agency met last week to discuss ways of fighting the worm.

The infection of several computers belonging to workers at Bushehr will not affect plans to bring the plant online in October, Jafari was quoted as saying.

Hmmm.

posted by Carl in Jerusalem