Stuxnet: Computer virus developed by US, Israel to destroy Iran centrifuges

While the world speculates as to the origin of the Flame virus found in Iranian computers, the New York Times confirmed that the US ordered a previous virus, Stuxnet, deployed against Iran’s nuclear enrichment facilities in 2008. It was the first widespread use of cyberweapons by the US against another nation.

The article, adapted from David Sanger’s new book "Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power," confirms that both the US and Israel worked together to develop and deploy Stuxnet, which issued commands to the hardware controlling the spin rate of Iran's centrifuges, causing it to break apart.

“Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet,” Sanger wrote.

More from GlobalPost: Flame virus: How does it work? Where does it come from?

While the Stuxnet virus represented a giant leap in how the US government conducts covert operations, it still may have required some traditional spying to carry off. In order to cross the air gap, the electronic mote that cuts the Natanz facility off from the internet at large, it was likely implanted by a double agent. 

“Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others—both spies and unwitting accomplices—with physical access to the plant. ‘That was our holy grail,’ one of the architects of the plan said. ‘It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand,’” Sanger wrote. “In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.”

After the worm was uploaded to the Iranian nuclear hardware, American intelligence officials and Israeli cyber spy outfit “Unit 8200” set to work on using Stuxnet to literally shake Iran’s centrifuges to pieces. Part of Obama’s cyber espionage plan, according to the article, was to bring the Israelis into the Stuxnet effort in an attempt to dissuade them from launching pre-emptive strikes against Iran’s nuclear facilities. The Obama administration decided that the only way to convince them that cyber-attacks were a viable alternative to pre-emptive strikes was to deeply involve them in every aspect of the Stuxnet project. 

More from GlobalPost: US steps up online propaganda war against Yemen militants

“Previous cyber-attacks had effects limited to other computers,” Michael V. Hayden, the former chief of the CIA, told Sanger, declining to describe what he knew of these attacks when he was in office.

“This is the first attack of a major nature in which a cyber-attack was used to effect physical destruction,” Sanger wrote, quoting Hayden.

American intelligence officials told Sanger that the use of malware in cyber espionage is not limited to Iran but used against America’s enemies the world over. 

“There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world,” Sanger wrote.

More from GlobalPost: Anonymous hacker boasts moles inside US government