HOW SECURITY LEAKS COMPROMISE OUR NATIONAL SECURITY – OUR RETIRED MILITARY AND INTELLIGENCE COMMUNITY SPEAKS OUT
Archive for the ‘Stuxnet’ Category
- June 16, 2012
They seem designed to glorify President Obama and help his re-election campaign.
By PEGGY NOONAN
What is happening with all these breaches of our national security? Why are intelligence professionals talking so much—divulging secret and sensitive information for all the world to see, and for our adversaries to contemplate?
In the past few months we have read that the U.S. penetrated al Qaeda in Yemen and foiled a terror plot; that the Stuxnet cyberworm, which caused chaos in the Iranian nuclear program, was a joint Israeli-American operation; and that President Obama personally approves every name on an expanding “kill list” of those targeted and removed from life by unmanned drones. According to the New York Times, Mr. Obama pores over “suspects’ biographies” in “what one official calls ‘the macabre ‘baseball cards’ of an unconventional war.”
From David Sanger’s new book, “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power,” we learn that Stuxnet was “the most sophisticated, complex cyberattack the United States had ever launched.” Its secret name was “Olympic Games.” America and Israel developed the “malicious software” together, the U.S. at Fort Meade, Md., where it keeps “computer warriors,” Israel at a military intelligence agency it “barely acknowledges exists.”
It’s a good thing our enemies can’t read. Wait, they can! They can download all this onto their iPads at a café in Islamabad.
It’s all out there now. Mr. Sanger’s sources are, apparently, high administration officials, whose diarrhetic volubility marks a real breakthrough in the history of indiscretion.
What are they thinking? That in the age of Wikileaks the White House itself should be one big Wikileak?
Bride of Stuxnet
Webcraft as spycraft.
Jonathan V. Last
EXCERPT FROM THIS ARTICLE: But once Flame was running, it was like something out of science fiction. Flame could watch a target even when he was completely alone. It could listen to every word he said on the telephone, or through Skype, or to a colleague walking past his desk. It could rifle through his computer files and find any document. Or peek into a cell phone sitting in someone’s pocket in the next room. It never had to worry about getting caught in the act. And on a moment’s notice, it could erase any sign that it was ever there. It kept up constant communication with its handlers, even when they were thousands of miles away, and it always followed orders.
Whoever engineered Flame didn’t just build the most spectacular computer worm ever made. They created the perfect spy.
Last April, the Iranian Oil Ministry and the National Iranian Oil Company noticed a problem with some of their computers: A small number of machines were spontaneously erasing themselves. Spooked by the recent Stuxnet attack, which had wrecked centrifuges in their nuclear labs, the Iranians suspected a piece of computer malware was to blame. They went to the United Nations’ International Telecommunications Union and asked for help. After an initial investigation, it was determined that the Iranians had been hit with a new piece of malicious software; it was temporarily labeled Wiper. Or Viper. After translating the moniker into different languages, no one is quite sure what the original nickname was.
The experts from Turtle Bay quickly realized they were out of their depth with Wiper/Viper and contracted a Russian computer security firm, Kaspersky Lab, to help. As the techs at Kaspersky investigated, they began to find bits and pieces of a much bigger program. What they eventually uncovered forced them to put aside Wiper/Viper and send out an all-hands call to the tech community: a cyber-weapon that made Stuxnet look primitive. They called it Flame.
Stuxnet was like a guided missile with a targeted payload. It was created to spread rapidly, but always to be seeking a particular set of computers—machines made by Siemens and used to control centrifuge operations at a uranium enrichment plant. Once Stuxnet reached its destination, it had very precise instructions: It altered the speed of the centrifuges in such a manner as to slowly degrade the equipment and destroy the uranium they contained—all while sending false readings back to the operating console so that neither the computer nor the human supervisors would notice the damage being done.
If Stuxnet was like a missile, then Flame is more like a surveillance satellite.
Once a computer is infected by Flame, the program begins a process of taking over the entire machine. Flame records every keystroke by the user, creating a perfect log of all activity. It takes pictures of the screen every 60 seconds—and every 15 seconds when instant message or email programs are in use. It records all administrative action on the computer—taking note of network passwords, for instance. And it rummages through the computer’s hard drive copying documents and files.
- MARCH 31, 2011
An assault on Estonia in 2007 disrupted banking and other services for over a week.
Last week, the European Union revealed that its headquarters had come under a major cyber attack, likely state-sponsored, on the eve of the EU summit. Earlier this month, the French announced that they had been hit with a cyber assault at the end of 2010, probably launched by Chinese hackers, aimed at pilfering sensitive G-20 documents from finance ministry computers in Paris. Last fall, the Nasdaq suffered what looks like an organized-crime attack on a service it provides to corporate executives for exchanging confidential files.
But what if e-espionage aimed at the financial sector suddenly escalated into e-war? What if, for example, China, North Korea or Iran initiated a crippling assault against the West’s electronic financial network, where trillions of dollars worth of transactions occur every day?
Such an event would mean a massive and potentially long-lasting disruption to the flow of dollars and euros among banks, businesses and consumers. At a minimum, it would mean the loss or corruption of financial data at major stock and commodity exchanges.
Virtual war a real threat
The U.S. is vulnerable to a cyber attack, with its electrical grids, pipelines, chemical plants and other infrastructure designed without security in mind. Some say not enough is being done to protect the country.
By Ken Dilanian, Washington Bureau
March 28, 2011
Reporting from Washington
When a large Southern California water system wanted to probe the vulnerabilities of its computer networks, it hired Los Angeles-based hacker Marc Maiffret to test them. His team seized control of the equipment that added chemical treatments to drinking water — in one day.
The weak link: County employees had been logging into the network through their home computers, leaving a gaping security hole. Officials of the urban water system told Maiffret that with a few mouse clicks, he could have rendered the water undrinkable for millions of homes.
“There’s always a way in,” said Maiffret, who declined to identify the water system for its own protection.
The weaknesses that he found in California exist in crucial facilities nationwide, U.S. officials and private experts say.
The same industrial control systems Maiffret’s team was able to commandeer also run electrical grids, pipelines, chemical plants and other infrastructure. Those systems, many designed without security in mind, are vulnerable to cyber attacks that have the potential to blow up city blocks, erase bank data, crash planes and cut power to large sections of the country.
- JANUARY 18, 2011
A neat computer trick won’t stop Iran from getting the bomb.
By BRET STEPHENS
Long before there was the Stuxnet computer worm there was the “Farewell” spy dossier.
In 1980, a KGB officer named Vladimir Vetrov began passing secrets to French intelligence. Vetrov was in a position to know the names of a network of Soviet agents (known as Line X) involved in pilfering capitalist technologies, which is how Moscow managed to stay nearly competitive with the West.
Col. Vetrov’s Farewell dossier, as the French code-named it, eventually arrived at the desk of an American National Security Council official named Gus Weiss. It was Weiss who suggested to then-CIA director Bill Casey that the West not roll up the spy network right away, but rather that it be played for greater stakes.
“I proposed using the Farewell material to feed or play back the products sought by Line X,” he later wrote in an unclassified CIA history, “but these would come from our own sources and would have been ‘improved’. . . . Contrived computer chips found their way into Soviet military equipment, flawed turbines were installed on a gas pipeline. . . . The Pentagon introduced misleading information pertinent to stealth aircraft, space defense, and tactical aircraft. The Soviet Space Shuttle was a rejected NASA design.”
How well did the plan work? In June 1982, one of Casey’s “improved” computer control systems, containing a Trojan horse in its software, caused the trans-Siberian gas pipeline to explode. U.S. spy satellites captured images of what was described by former Air Force Secretary Thomas Reed as “the most monumental non-nuclear explosion and fire ever seen from space.”
Thus did the Soviet Union end up on the ash-heap of history.
Mahmoud Ahmadinejad at an Iranian nuclear plant. Stuxnet is watching.
NEWS & OBSERVER, Raleigh
Jan 16, 2011
The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where rows of factories make atomic fuel for the arsenal.
Over the past two years, according to experts familiar with its operations, Dimona has taken on a new, equally secret role – as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own.
Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that now appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.
“To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program.
- WALL STREET JOURNAL
- JANUARY 5, 2011
Covert Action Makes a Comeback
Once in disrepute, secret warfare is now embraced even by the Obama administration to fight terrorism and weapons proliferation.
By MAX BOOT
That phrase went into disrepute in the 1970s, when Congress’s Church Committee exposed hare-brained CIA plots to eliminate foreign leaders, such as assassinating Fidel Castro with exploding cigars. President Ford banned assassinations, a chastened CIA cast many veteran officers into the cold, and Congress imposed new limits on covert activities. From then on the president would have to approve all operations in writing and notify senior members of Congress. There would be no more “wink-and-nod” authorizations.
Covert action made a comeback in the 1980s, as the U.S. directed billions of dollars in aid to the Afghan anti-Soviet mujahedeen—the most successful covert action in American history. Yet at the same time President Reagan’s National Security Council was pursuing a crazy scheme to sell weapons to Iran and channel some of the proceeds to the Nicaraguan Contras, so as to bypass a congressional ban on aid to the guerrillas. The Iran-Contra scandal almost brought down the Reagan administration and once again tarnished the reputation of covert action.
In the 1990s, out of an abundance of caution, the Clinton administration failed to act effectively against Osama bin Laden and the growing danger of al Qaeda. The CIA and the military’s Special Operations forces offered proposals for capturing or killing bin Laden and his senior lieutenants, but the risk-averse White House rejected them.
Stuxnet versus the Iranian nuclear program.
Jonathan V. Last
Last week Mahmoud Ahmadinejad acknowledged that Iran’s uranium enrichment program had suffered a setback: “They were able to disable on a limited basis some of our centrifuges by software installed in electronic equipment,” the Iranian president told reporters. This was something of an understatement. Iran’s uranium enrichment program appears to have been hobbled for the better part of a year, its technical resources drained and its human resources cast into disarray. The “software” in question was a computer worm called Stuxnet, which is already being viewed as the greatest triumph in the short history of cyberwarfare.
Stuxnet first surfaced on June 17 of this year when a digital security company in Minsk, VirusBlokAda, discovered it on a computer belonging to one of its Iranian clients. It quickly became clear that Stuxnet was not an ordinary piece of malware.
Stuxnet is not a virus, but a worm. Viruses piggyback on programs already resident in a computer. Worms are programs in their own right, which hide within a computer and stealthily propagate themselves onto other machines. After nearly a month of study, cybersecurity engineers determined that Stuxnet was designed to tamper with industrial systems built by the German firm Siemens by overriding their supervisory control and data acquisition (SCADA) protocols. Which is to say that, unlike most malware, which exists to manipulate merely virtual operations, Stuxnet would have real-world consequences: It wanted to commandeer the workings of a large, industrial facility, like a power plant, or a dam, or a factory. Exactly what kind of facility was still a mystery.
Stuxnet Worm Still Out of Control at Iran’s Nuclear Sites, Experts Say
By Ed Barnes
Published December 09, 2010 | FoxNews.com
Aug 21: The first fuel is loaded into the reactor building at the Russian-built Bushehr nuclear power plant in Iran.
EXCLUSIVE: Iran’s nuclear program is still in chaos despite its leaders’ adamant claim that they have contained the computer worm that attacked their facilities, cybersecurity experts in the United States and Europe say.
The American and European experts say their security websites, which deal with the computer worm known as Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic, an indication that the worm continues to infect the computers at Iran’s two nuclear sites.
The Stuxnet worm, named after initials found in its code, is the most sophisticated cyberweapon ever created. Examination of the worm shows it was a cybermissile designed to penetrate advanced security systems. It was equipped with a warhead that targeted and took over the controls of the centrifuge systems at Iran’s uranium processing center in Natanz, and it had a second warhead that targeted the massive turbine at the nuclear reactor in Bushehr.
Stuxnet was designed to take over the control systems and evade detection, and it apparently was very successful. Last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran’s nuclear sites, but he said it was detected and controlled.
The second part of that claim, experts say, doesn’t ring true.