Friday, June 1, 2012

BREAKING: Obama ordered Cyberattacks on Iran

Anyone with two brain cells to rub together suspected this anyway, but now there's confirmation:
WASHINGTON — From his first months in office, President Obamasecretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
Hasan Sarbakhshian/Associated Press
Iran’s nuclear enrichment facility at Natanz.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
...

Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.

So it was a long-term effort sponsored by two administrations, which repeatedly hit the Iranian program.  There's a lot of hand wringing at the Times about how the "genie is out of the bottle" and everything - as if the genie has been sitting around looking for something to do these last ten years*.

So we have confirmation that the situation is as we've expected.  I have a post from two years back that goes into rather a lot of detail about how this sort of thing might have happened, and another that muses on the future of Information Warfare (and particularly on Cyber Defense).

* Just the other day, the genie made me a yummy grilled cheese sandwich, and then cleaned up the kitchen.  So if there's a little cyber-havoc on the side, clouds, silver linings and all that, eh?

6 comments:

Goober said...

I just hope that while team Obama is busy patting themselves on the back over this, that they don't forget that if we can do it to them, they can do likewise to us, and are making sure our security is top notch.

wolfwalker said...

Two thoughts on this story. Well, three.

1) there goes the goddamned New York Slimes again, publishing leaked information that is extremely damaging to national security.

2) I don't believe for an instant that Barry Lackwit actually ordered these attacks, unless the definition of "ordered" includes "failed to say 'no' when the guy who actually thought it up asked permission to do it."

3) Goober, half of me wants to say "you're joking, right? This country, with its fascination with Internet voting and webified smart-energy-meters, waste time and money on cyber-security?" The other half of me recalls conversations with someone who is ... um, not disconnected from the Internet security scene, and their accounts of how Certain People in Certain Three Letter Agencies do in fact take cyberwarfare and cybersecurity Very Seriously Indeed.

Borepatch said...

Wolfwalker, there's no denying that this is cut from the same cloth as the SEAL Team 6/Osama disclosures - the Administration is desperate to prop itself up in this election cycle. In fact, this is almost certainly targeted specifically at keeping the Jewish vote in the Democrat's camp. Obama quite frankly doesn't have anything else to serve up to that constituency.

And you know my opinion on both electronic voting and "smart" power meters. A solid audit trail is a huge win for both of these, because neither of them have any stinking security ...

Dave H said...

I think electronic voting machines should be open source. We should be able to review how our votes are tallied, stored, and reported.

As for smart power meters, well, I design those for a living and I'd be embarrassed to let anyone see my code. (grin) But we are taking electronic security seriously, and a big part of our requirements involve logging and audit trails.

Charles Lee Scudder said...

Opsec the level of high school gossip girls. I just might vote obama lite instead. Don't recall him letting national security secrets out.

Windy Wilson said...

"Mr. Obama decided that the cyberattacks should proceed."
As I was told in Law School, "Mr.Wilson, even a blind sow finds an acorn now and then."