In 2011, the US government rolled out its “International Strategy for Cyberspace,” which reminded us that “interconnected networks link nations more closely, so an attack on one nation’s networks may have impact far beyond its borders.” An in-depth report today from the New York Times confirms the truth of that statement as it finally lays bare the history and development of the Stuxnet virus—and how it accidentally escaped from the Iranian nuclear facility that was its target.
The article is adapted from journalist David Sanger’s forthcoming book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, and it confirms that both the US and Israeli governments developed and deployed Stuxnet. The goal of the worm was to break Iranian nuclear centrifuge equipment by issuing specific commands to the industrial control hardware responsible for their spin rate. By doing so, both governments hoped to set back the Iranian research program—and the US hoped to keep Israel from launching a pre-emptive military attack.
The code was only supposed to work within Iran’s Natanz refining facility, which was air-gapped from outside networks and thus difficult to penetrate. But computers and memory cards could be carried between the public Internet and the private Natanz network, and a preliminary bit of “beacon” code was used to map out all the network connections within the plant and report them back to the NSA.
That program, first authorized by George W. Bush, worked well enough to provide a digital map of Natanz and its industrial control hardware. Soon, US national labs were testing different bits of the plan to sabotage Natanz (apparently without knowing what the work was for) using similar centrifuges that had come from Libya’s Qadaffi regime. When the coders found the right sets of commands to literally shake the centrifuges apart, they knew that Stuxnet could work.
When ready, Stuxnet was introduced to Natanz, perhaps by a double agent.