This week in New Delhi, President Obama went further than any of his predecessors toward embracing India as an ally, and most Indians are thrilled by this warm treatment. This does not mean, however, that the two countries will align all of their foreign policies. In some areas, India would like the United States to change its approach.
One key difference is over Iran. India has the wiser policy, and Obama should consider emulating it.
Despite some changes in atmospherics, Obama’s approach to Iran has been remarkably similar to the one President George W. Bush took in his second term: don’t bomb Iran, but continue to threaten that “all options are on the table”; steadily intensify economic sanctions, despite ample evidence that they weaken civil society and lavishly enrich the repressive Revolutionary Guard; insist on negotiations on the nuclear issue, but refuse to broaden the agenda to include issues that concern Iran.
India, like many other regional powers, takes the Iranian threat far less seriously than the United States does. It does not see Iran as an existential threat to anyone, but rather as just another thuggish country with resources, and wants to see it enticed back into the world’s mainstream. India would like the United States to adopt a more accommodating policy toward Iran — and could even serve as the bridge that makes it possible.
In an unprecedented move, Iran’s Islamic Revolutionary Guards Corps (IRGC) has directly blasted President Mahmud Ahmadinejad over controversial comments he made recently, including saying that parliament is not on top of the country’s affairs.
Ahmadinejad was also criticized for promoting an “Iranian school of thought” instead of an Islamic one.
Ahmadinejad has in recent weeks come under fire by his hard-line allies and conservatives over his new nationalistic rhetoric. So far, the IRGC, whose power and influence has grown since Ahmadinejad came to power, had not publicly criticized the Iranian president.
The unusual attack by the IRGC, coming in one of its main publications, is seen by analysts as a warning issued to Ahmadinejad from Iran’s supreme leader, Ayatollah Ali Khamenei, with the intention of trying to tame the Iranian president.
What kind of institutional entity do the hacks in Washington constitute such that they can have a “dean”?
When David Broder is referred to as the dean of the Washington press corps, I guess it’s just a complimentary way of saying the old guy. But Broder’s nine years younger than Helen Thomas. How come she never rose to the same stature? Is baldness a requirement?
In spite of his institutional stature, Broder’s mental capacities have in recent years come into question and his op-ed in the Washington Post on Sunday provides yet another occasion to wonder what is going on inside this man’s brain as he pushes for war against Iran.
Look back at FDR and the Great Depression. What finally resolved that economic crisis? World War II.
Here is where Obama is likely to prevail. With strong Republican support in Congress for challenging Iran’s ambition to become a nuclear power, he can spend much of 2011 and 2012 orchestrating a showdown with the mullahs. This will help him politically because the opposition party will be urging him on. And as tensions rise and we accelerate preparations for war, the economy will improve.
I am not suggesting, of course, that the president incite a war to get reelected. But the nation will rally around Obama because Iran is the greatest threat to the world in the young century. If he can confront this threat and contain Iran’s nuclear ambitions, he will have made the world safer and may be regarded as one of the most successful presidents in history.
So another war is going to rescue the economy? But just a minute — if war’s such an excellent economic tonic, how come we aren’t already in great shape? A decade of war just hasn’t been quite enough?
It’s easy to mock Broder’s prescription and even to wonder whether he’s lost his grip on reality, but maybe he’s not quite as crazy as he sounds. Read more carefully, this is not actually a call for war — it is a call for the continuously escalating threat of war.
This is indeed the most likely “lesson” that some have drawn from the experience of Iraq: that the best kind of war is the one that has yet to be fought. A war that can be budgeted for, equipped for, and around which politicians can construct their postures of strength, resolution and righteousness. The context is one in which we have been encouraged to think that war is normal. War is in fact so normal that Washington pundits can now present it as a useful economic tool.
Washington’s lead comes from Israel, which has less interest in starting a war with Iran than in promoting the idea that war might be just over the horizon — a kind of Goldilocks war, not too far away and not too close, but just close enough. In this delicately modulated threat of mayhem, Iran itself remains politically and economically boxed in, while issues which merit more urgent attention — namely the intractable Israeli-Palestinian conflict — can be shunted to one side.
Two countries so heavily invested in manufacturing the means for engaging in war actually have less interest in wars being fought than in a war-footing constantly being maintained. The problem is, a war posture can only be maintained for so long and momentum only be built up so much before a turning point is reached: war either then becomes inevitable or a real alternative has to be pursued.
Only through the hubris which metastasizes inside the brains of those trapped inside the Washington bubble can anyone fail to see that the process of backing Iran into a corner risks the United States becoming trapped by the narrow logic of its own strategy. War is not normal. It is a failure of imagination.
“Iran is not the enemy, Israel is the enemy,” the head of the Center for Strategic Studies in Saudi Arabia declared in an interview with Al Jazeera. This was his response to a question on whether the $60 billion arms deal between Riyadh and Washington was meant to deter Iran. The American efforts to portray the deal as aimed against Tehran don’t fit with the Saudi point of view, and it seems this isn’t the only subject over which these two countries fail to see eye to eye.
Iranian President Mahmoud Ahmadinejad spoke with King Abdullah of Saudi Arabia twice last week, and Iran reported that a senior Iranian official would visit Riyadh soon. It’s not clear if it will be Foreign Minister Manouchehr Mottaki or the head of the National Security Council, Saeed Jalili.
But the frequent contacts between Iran and Saudi Arabia are not over the big arms deal or Iran’s nuclear plans. The two countries have concluded that they need to reach an agreement on two other issues regarding their sphere of influence in the region: Iraq and Lebanon.
Regarding Lebanon, Iran is trying to persuade Saudi Arabia to help stop the work of the special international tribunal investigating the assassination of former Lebanese Prime Minister Rafik Hariri. This would prevent the collapse of the Lebanese regime. While Iran is worried about Hezbollah’s status, it also doesn’t want Lebanon to collapse or fall into another civil war, whose results cannot be ensured.
In this respect, Tehran doesn’t have to make too great an effort to get Riyadh’s support. This became clear last week to Jeffrey Feltman, the U.S. Assistant Secretary of State for Near Eastern Affairs and a former U.S. ambassador to Beirut, when he visited Riyadh. During his meeting with King Abdullah, the monarch tried to figure out America’s position if the international court’s work were stopped. Arab sources say Feltman was “furious but restrained,” and made it clear to the king that Washington was determined to support the tribunal.
With all due respect to the American insistence, if the client that is supposed to pay Washington $60 billion decides it’s vital to halt the tribunal’s work, it won’t make do with consulting the Americans. It will throw its full weight behind the efforts. Meanwhile, the indictment the tribunal is due to publish is not expected before February.
Hardline Israeli Foreign Minister Avigdor Lieberman has commissioned a report on how to prepare for a nuclear-armed Iran as doubt mounts about the efficacy of preventive action, an Israeli source said on Monday.
Publicly, Israel has pledged to deny the Iranians the means to make a bomb but its previous, centrist government also discreetly drew up “day after” contingency plans should Tehran’s uranium enrichment pass the military threshold.
At the time, rightist opposition leader Benjamin Netanyahu called for Israel to consider preemptive strikes against its arch-foe’s nuclear sites. Now prime minister, Netanyahu has reined in such rhetoric while not ruling out the use of force.
In a sign the government is examining a full range of options, Lieberman, the most hawkish member of Netanyahu’s coalition, has ordered ministry strategists to draft a paper on “what to do if we wake up and discover the Iranians have a nuclear weapon,” said the senior Israeli political source, who declined to be named due to the sensitivity of the matter.
Considering the fact that Israeli leaders have been sounding the alarm about Iran’s “imminent” acquisition of nuclear weapons for over a decade, it’s a bit late in the day to be working on a “day after” plan. Indeed, it suggests rather strongly that despite warning that another Holocaust might be just around the corner, the leaders of a nation protected by its own arsenal of around 200 nuclear weapons have never been quite as afraid of Iran as they claimed.
While the Iranian president’s visit to Southern Lebanon is being portrayed in the Western media largely in terms of an act of provocation directed at Israel by an antagonist and intruding regional power, the historical ties between that part of Lebanon and Iran span centuries.
When Iranian President Mahmoud Ahmadinejad tours Lebanon’s border with Israel today, he may pause a moment to consider that Iran owes its existence as a Shiite nation to the ancestors of those living in these rural hilltop villages.
Iran wasn’t always the center of Shiite scholarship
In the early 16th century, the center for Shiite scholarship was in an area known as Jabal Amil, a rugged hill country that conforms closely to the geographical perimeters of modern-day south Lebanon. When Shah Ismael I, the Safavid ruler of Iran, introduced Shiism as the state religion in the 16th century, he turned to the scholars of Jabal Amil to help promulgate the new faith.
Dozens of scholars traveled to Iran, settling there, marrying, learning Persian, and involving themselves in the rivalries and intrigues of the Safavid court. It was the beginning of a linkage of families and learning between two Shiite communities lying at opposite ends of the Middle East that remains today.
Reports that Ahmadinejad received a hero’s welcome are put in perspective by Nussaibah Younis, who writes:
The support that Ahmadinejad enjoys in Lebanon’s Shia heartlands can be compared to the support that a corporate sponsor might expect from Manchester United fans: bored gratitude. The biggest cheer that Ahmadinejad’s speech managed to raise out of the crowd came when he thanked Hezbollah’s leader, Hassan Nasrallah, as a “dear warrior and scholar”.
Nasrallah was the real star of the show. Rumours that he might appear in person at the rally drew large expectant crowds. Though there was a sigh of disappointment when Nasrallah only appeared via video link, the forceful and impassioned clarity with which he spoke whipped the crowd into a flag-waving and slogan-chanting frenzy. Nasrallah spoke mindfully of his larger audience in Lebanon, and tried the novel approach of presenting Iran’s foreign policy as “unifying”. He praised Iran’s supreme leader, Ayatollah Ali Khamenei, for issuing a fatwa forbidding Muslims to react to the Qur’an-burning fiasco in the US with “similar acts”, claiming that Iran was acting in the best interests of Christian-Muslim unity.
He also congratulated the Iranian cleric for his handling of a highly controversial London conference in which a little-known Shia activist disparaged Aisha, the wife of the prophet Muhammad, who is highly revered by Sunnis but considered a traitor by many Shias. Iran’s supreme leader Khamenei had responded with a statement forbidding insulting talk about the wives of the prophet, thereby – according to Nasrallah – acting as a force for unity between Sunnis and Shias.
Many Lebanese would have a lot to say about claims that Iran is a “unifying force in the region”, but the speech did make clear that Nasrallah’s crowd appeal is unmatched and that his power among many Shias does not need to be enforced by Iran. If anything, Hezbollah deftly staged a welcome for Ahmadinejad designed to encourage the Iranians to dig deeper and give more generously to Hezbollah’s cause.
“It’s 1938 and Iran is Germany and it’s racing to arm itself with atomic bombs,” Benjamin Netanyahu declared four years ago.
By 1942, Germany had snared itself in the disastrous Battle of Stalingrad — but let’s allow Netanyahu some latitude with his metaphor and assume that it’s still 1938 and that Iran’s race has merely suffered a few interruptions.
So, it’s still 1938 and Iran’s Hitler has come to Israel’s border to survey the nation he intends wiping off the map.
In anticipation of this historic moment, Aluf Benn wrote last month:
Netanyahu will have a one-time opportunity to stop the new Hitler and thwart the incitement to genocide. Ahmadinejad will pay his first visit to Lebanon and devote an entire day to a tour of the southern part of that country. He will visit sites where Hezbollah waged battles against Israel and, according to one report, he will also pop over to Fatima Gate, just beyond the border fence at Metula. The route is known, the range is close and it is possible to send a detail across the border to seize the president of Iran and bring him to trial in Israel as an inciter to genocide and Holocaust denier.
The media effect will be dramatic: Ahmadinejad in a glass cage in Jerusalem, with the simultaneous translation earphones, facing grim Israeli judges. In the spirit of the times, it will also be possible to have foreign observers join them (David Trimble of the Turkel commission was a leader of the “try the Iranian president” initiative).
There are also operational advantages: Iran will hesitate to react to its president’s arrest by flinging missiles, out of fear for their leader’s life. It will also be possible to capture Hezbollah leader Hassan Nasrallah, who will no doubt emerge from his hiding place and accompany Ahmadinejad. Israel will have high-ranking hostages it will be able to exchange for Gilad Shalit.
And if the world has any complaints, it will be reminded that the Americans invaded Panama in order to arrest its ruler Manuel Noriega – and only for dealing drugs, a far smaller offense than incitement to genocide.
Of course, the idea also has disadvantages. Ahmadinejad might be killed in the action and Iran would embark on a cruel war of revenge. The precedent of arresting leaders would endanger Israeli personages suspected abroad of crimes against humanity or murder (according to the Goldstone report and the flotilla report). Ahmadinejad could be acquitted and make Israel look like a bully and Netanyahu a fool.
Nevertheless, how can Netanyahu refrain from an action to stop Hitler’s heir, when the year is already 1939, if not 1940? According to Netanyahu’s reasoning, if he refrains from acting history will condemn him for “not preventing a crime,” as with Margalit Har-Shefi, who didn’t stop Yigal Amir from assassinating Yitzhak Rabin.
Benn’s point was not to advocate a reckless course of action but to underline the difference between rousing rhetoric and statesmanship.
For all those inside and outside Israel who swallowed Netanyahu’s rhetoric however, this is a telling moment to reflect on the proposition that the clown from Tehran — provocative as he might be — can seriously be compared to Hitler. Anyone who still clings to this notion must now consider its corollary: that if Ahmadinejad is Hitler, then Netanyahu — through his inaction — turns out to be a Chamberlain not Churchill.
So how truly significant is it that Iran’s president is now enjoying all the honors of a visiting head of state (even though he isn’t one)?
Rami Khouri puts the drama in perspective and says:
[Ahmadinejad’s] visit represents a blow to Washington’s strategy of bringing Lebanon firmly into its orbit.
For most Arab governments, the Iranian-Hizbullah connection represents everything they fear for their own incumbency: armed Shiite movements inside countries where mostly Sunni Muslim Arabs dominated public life; popular resistance movements that do battle according to their own strategic calculations; Iranian meddling in Arab affairs; and, Arab mass movements that connect with compatriots across the region in their common opposition to and defiance of conservative Arabs, Israel and the US itself.
So at some levels it is understandable why so many people in the region and abroad are making a lot of noise about the Iranian president’s visit to Lebanon. At another level, though, that of substance vs. symbolism, this is a pretty routine event that does not necessarily break new ground, but mainly reflects and emphasizes existing political realities that generate frenzied, nearly hysterical, reactions on both sides.
The irony is that by elevating his importance on the international stage while his real challenges come from home, Israel and the United States serve as more effective publicists for Iran’s president than anyone else.
Ahmadinejad has never been more unpopular in Iran, not only with the public but also his conservative allies and the clergy. By going to Lebanon, he is going to one of the last places where the Islamic Republic still has genuine support. When he speaks in Bint Jbeil, unlike in Iran, schools won’t be closed and civil servants won’t be threatened with dismissal unless they attend the president’s speech. People will voluntarily turn up because they genuinely support the Islamic republic and will pay respect to almost any senior Iranian politician.
By going to Lebanon, Ahmadinejad will primarily be using the occasion to try to strengthen his support back home with the public, and with the Revolutionary Guards, whose support is important to him. He will also be trying to outshine his rivals such as Ali Larijani and Hashemi Rafsanjani by using the trip to say that he is the true face of Iran abroad, and not them.
This development will also benefit supreme leader Ali Khamenei, who is most probably very concerned about Ahmadinejad’s flagging popularity.
What is important to note is that such a visit did not take place when Khatami was president. If anyone deserves to be in southern Lebanon, it is him, and not Ahmadinejad. Israel evacuated southern Lebanon in May 2000 on Khatami’s watch, not Ahmadinejad’s.
However, Khamenei did not send Khatami to southern Lebanon because he was not worried about his unpopularity. In fact, compared with Ahmadinejad, he was far more popular. The opposite is true about Ahmadinejad and this is why Khamenei, for the sake of his regime, is sending him there.
The RealNews Network has an interesting report on Ahmadinejad’s posture as an anti-capitalist.
The U.S. has been wooing Netanyahu for weeks with offers including a squadron of F-35 fighters, support for a long-term Israeli troop presence in a new Palestinian state, and a pledge to veto any anti-Israel resolutions passed by the United Nations Security Council. The U.S. also is offering access to its satellites that could provide early warning of attacks.
To the Palestinians, the White House is pledging support for their position on the exact location of borders for a future state in exchange for a promise to continue negotiating even if Israel refuses to extend the construction moratorium.
Although the Obama administration was expected to eventually give out incentives to keep the negotiations alive, diplomats and other observers say they are surprised that it has offered so much, so early for such a small victory: a commitment by both sides to keep talking.
“From the left to the right, people are saying that the administration is looking desperate,” said Robert Danin, a former U.S. official and an advisor to former British Prime Minister Tony Blair, an envoy to the region for the United Nations, U.S., European Union and Russia.
Making a hint that they will be used to bomb Iran, he described them as being “one of the answers” for dealing with the “problem” of Tehran.
Israel will get the jets at a discount, pay for them with US tax dollars (through recession-proof military aid), while also likely profiting from F-35 production — it has expressed an interest in manufacturing 25% of the wings of the more than 3,000 aircraft Lockheed expects to build.
The jets won’t be delivered until about 2016, but by that point Israel’s war-mongers no doubt feel optimistic that there will be a war-friendly Republican administration in place — though whether GOP control of the White House is necessary to serve Israel’s needs is highly debatable.
Ben D, a commenter at this site and Arms Control Wonk, is skeptical about my assertion that Siemens SCADA software is being used at Iran’s Bushehr nuclear facility. I based that claim on a UPI photograph that led the German industrial security expert, Ralph Langner, to speculate that Bushehr was the intended target of the Stuxnet malware.
These are Ben’s qualms:
Concerning the UPI image of a control panel with a MS look window superimposed that says “WinCC Runtime License: Your software license has expired. Please obtain a valid license”, well, it doesn’t prove a thing.
First of all, the WinCC window could so easily be a photo-shopped overlay on the image of a process control panel.
Secondly, the Control Panel image is typical of process control panels everywhere and even if the WinCC window was not photo-shopped, what has that got to do with Bushehr? There is nothing else in the image to provide any information whatsoever about the local environment to provide any context as to its locality or purpose.
Thirdly, UPI does not provide a source for anyone claiming that the UPI Photo by Mohammad Kheirkhah is actually Bushehr, they just provide a narrative to imply that it is.
Fourthly, Ralph Langner is not claiming the UPI image is actually genuine or that it is of Bushehr, he merely prefaces his speculative theory with “If the picture is authentic, which I have no means of verifying, …”.
Has the image been doctored? I’m not in a position to determine that, but the Hacker Factor Blog did some image analysis and concluded that it was not doctored. He has other reasons for questioning whether it was taken at Bushehr but found no evidence that it had been manipulated with Photoshop.
This image apparently confirms that the photograph is of a computer monitor and the continuity in the ripple pattern across the part of the screen where the WinCC message appears seems to confirm that this was not inserted from a different screen image. (This ripple pattern can be seen both in the blue image and the close-up image.)
So, assuming that the WinCC expired-licence message was actually appearing on that monitor screen, is there any evidence that the monitor and the control system it depicts are in Bushehr?
Frankly, I was willing to accept that UPI was not misrepresenting or incorrectly labeling its photos, but still, some additional analysis was both in order and turned out to be fruitful. There is indeed evidence that this image depicts a Bushehr control system.
The elements in the schematic have a uniform numbering system — UA04B001, UA04B002 etc.
Another UPI photograph appears to show the physical components depicted on the system control monitor. This vessel shown on the right is numbered UA06B002. That particular number doesn’t appear on the monitor image but it’s hard to believe that this is not part of the same system.
OK. But maybe the screen image and the image of an Iranian technician turning a valve were taken some place other than Bushehr.
Well, UPI’s photographer was one among a group of international journalists who were shown around Bushehr in February 2009. They included Jon Leyne, a reporter for the BBC, and a video in his report shows the same assembly of pale gray vessels that appear in the UPI photo. Indeed, an AFP image in the same report shows the same technician, from a different angle, doing his valve-turning performance for the assembled press.
With the evidence that I’ve laid out I will assert with even more confidence that the Bushehr nuclear plant uses Siemens WinCC SCADA software. I also see little reason to doubt that Iranian officials were telling the truth when they said that Stuxnet had been found on personal computers used by the facility’s operators. What I remain skeptical about is their claim that the malware did not penetrate the system. How confident the Iranians are on that question may become evident in the coming months when the plant begins or fails to begin generating electricity.
A USB memory stick carrying the Stuxnet malware is believed to have provided intruders with access to Iran’s nuclear program. The same technique was used in November 2008 to break into CENTCOM, providing a foreign government with unfiltered access to the Pentagon’s command of the wars in Iraq and Afghanistan. Did both attacks come from the same source?
Cyber warfare has quietly grown into a central pillar of Israel’s strategic planning, with a new military intelligence unit set up to incorporate high-tech hacking tactics, Israeli security sources said on Tuesday.
Israel’s pursuit of options for sabotaging the core computers of foes like Iran, along with mechanisms to protect its own sensitive systems, were unveiled last year by the military intelligence chief, Major-General Amos Yadlin.
The government of Prime Minister Benjamin Netanyahu has since set cyber warfare as a national priority, “up there with missile shields and preparing the homefront to withstand a future missile war”, a senior source said on condition of anonymity.
Back in 1997, when the US did not overtly support political assassinations, President Clinton intervened to save the life of Khalid Meshaal. The Hamas political bureau chief had been poisoned by Mossad operatives (carrying stolen Canadian passports) on the streets of Jordan’s capital, Amman.
Clinton wasn’t trying to help Hamas but knew that a peace treaty he had helped broker between Israel and Jordan would be in jeopardy if Prime Minister Netanyahu thought he could disregard the sovereignty of Jordan and carry out assassinations with impunity. Likewise, neither King Hussein nor the Canadian government believed that Israeli actions showing a flagrant disregard for the authority of their respective governments could go unanswered.
Netanyahu would probably have found Clinton’s pressure unpersuasive were it not for the fact that the Israeli operatives had already been arrested. In exchange for their release, the Israelis supplied the antidote that saved Meshaal’s life while also releasing the Hamas spiritual leader Sheikh Ahmed Yassin.
Then came 9/11.
Before long, Yassin had been assassinated, the US was using Israeli methods of torture in its campaign against an amorphous Islamic threat, Israel’s own war crimes were sanctioned by the US in the name of the war on terrorism, and the use of stolen foreign passports by Mossad agents committing murder on foreign soil provoked nothing more than a diplomatic slap on the wrists.
The willingness of this and the previous administration to allow Israel to disregard international law shows that even if the Israel lobby can no longer flourish like a night flower, its power is barely diminished. Even so, the appearance of the Stuxnet malware should be a wake-up call to every government around the world that refuses to place Israel’s national interests above its own.
In its conception, Stuxnet can be viewed very much like a targeted killing — but one designed to attack silently and leave no trace of its origin.
Its creators understood that they had designed an exceedingly dangerous weapon and so they made sure its damage could be contained. But it seems not to have worked according to plan and so caution got tossed out of the window. Apparently, Israel did what it has done so many times before: pursued what it regarded as its own interests with an utter disregard for the international consequences.
The original infection method, which relied on infected USB drives, included a counter that limited the spread to just three PCs, said [Liam] O Murchu [operations manager with Symantec’s security response]. “It’s clear that the attackers did not want Stuxnet to spread very far,” he said. “They wanted it to remain close to the original infection point.”
O Murchu’s research also found a 21-day propagation window; in other words, the worm would migrate to other machines in a network only for three weeks before calling it quits.
Those anti-propagation measures notwithstanding, Stuxnet has spread widely. Why?
Kaspersky’s [Roel] Schouwenberg [a senior antivirus researcher] believes it’s because the initial attack, which relied on infected USB drives, failed to do what Stuxnet’s makers wanted.
“My guess is that the first variant didn’t achieve its target,” said Schouwenberg, referring to the worm’s 2009 version that lacked the more aggressive propagation mechanisms, including multiple Windows zero-day vulnerabilities. “So they went on to create a more sophisticated version to reach their target.”
That more complex edition, which O Murchu said was developed in March of this year, was the one that “got all the attention,” according to Schouwenberg. But the earlier edition had already been at work for months by then — and even longer before a little-known antivirus vendor from Belarus first found it in June. “The first version didn’t spread enough, and so Stuxnet’s creators took a gamble, and abandoned the idea of making it stealthy,” said Schouwenberg.
In Schouwenberg’s theory, Stuxnet’s developers realized their first attempt had failed to penetrate the intended target or targets, and rather than simply repeat the attack, decided to raise the ante.
“They spent a lot of time and money on Stuxnet,” Schouwenberg said. “They could try again [with the USB-only vector] and maybe fail again, or they could take the risk of it spreading by adding more functionality to the worm.”
O Murchu agreed that it was possible the worm’s creators had failed to infect, and thus gain control, of the industrial systems running at their objective(s), but said the code itself didn’t provide clear clues.
What is clear, O Murchu said in a news conference Friday morning, is that Stuxnet evolved over time, adding new ways to spread on networks in the hope of finding specific PLCs (programming logic control) hardware to hijack. “It’s possible that [the attackers] didn’t manage to get to all of their targets [with the earlier version],” O Murchu said. “The increased sophistication of Stuxnet in 2010 may indicate that they had not reached their target.”
With the proliferation of Stuxnet, Schouwenberg said that the country or countries that created the worm may have themselves been impacted by its spread. But that was likely a calculated risk the worm’s developers gladly took.
And that risk may have been quite small. “Perhaps they knew that their own critical infrastructure wouldn’t be affected by Stuxnet because it’s not using Siemens PLCs,” Schouwenberg said.
The danger now posed by Stuxnet is not simply through its direct proliferation but by virtue of the fact that it provides a blueprint that can be adapted by other parties who would otherwise lack the resources to create malware this sophisticated from scratch.
What might have been conceived as a tool to prevent the creation of a weapon of mass destruction could itself be turned into a WMD.
“Stuxnet opened Pandora’s box,” said Ralph Langner, a German researcher whose early analysis of the worm’s ability to target control systems raised public awareness of the threat. “We don’t need to be concerned about Stuxnet, but about the next-generation malware we will see after Stuxnet.”
Sean McGurk, director of the U.S. National Cybersecurity and Communications Integration Center at the Department of Homeland Security, said that the department posted its first report to industry recommending steps to mitigate the effects of Stuxnet on July 15. But “not even two days later,” he said, a hacker Web site posted the code so that others could use it to exploit the vulnerabilities in Microsoft.
“So we know that once the information is out in the wild, people are taking it and they’re modifying it,” he said.
In other words, what started as an Israeli cyber attack on nuclear installations in Iran could end up crashing the US powergrid or causing havoc anywhere else on the globe.
Even before Stuxnet loomed over the horizon, serious warnings were being issued about the United States’ vulnerability to a crippling cyber attack, yet thus far none of those raising the alarm have pointed to the ways in which Israel’s cyber warfare capabilities may now indirectly or directly threaten the United States and its interests.
– – –
Late last year, 60 Minutes reported on America’s vulnerability to a major cyber attack.
Ever since speculation began, suggesting that Israel is the source of the Stuxnet malware, there has been a buzz of excitement in the Zionist corner of the blogosphere. The DEBKAfile — trusted source for pro-Israel fantasists all over the world — declared that if it turns out that millions of Iranian industrial units have been hit, “this cyber weapon attack on Iran would be the greatest ever.”
Glee at such a prospect is not shared by observers who lack the Zionist pathological obsession with Iran.
Stephen Spoonamore, a veteran cybersecurity consultant interviewed by NPR, said: “I can think of very few stupider blowback decisions” than to release code that controls most of the world’s hydroelectric dams or many of the world’s nuclear plants or many of the world’s electrical switching stations.
The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.
Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.
It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.
The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.
“This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data,” an engineer surnamed Wang at antivirus service provider Rising International Software told the Global Times.
“Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China’s national security,” he added.
Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.
Jeffrey Carr, author of “Inside Cyber Warfare,” describes what he believes is the first example of Stuxnet’s destructive power: the loss of India’s INSAT-4B communications satellite which shut down in July. The satellite’s control systems use Siemens S7-400 PLC and SIMATIC WinCC software, both of which are targeted by Stuxnet.
If speculation that Stuxnet was created by Israel has been driven by the circumstantial evidence that Israel’s nemesis Iran appears to have been the primary target, there is now some subtle but concrete evidence again pointing in Israel’s direction.
Buried in Stuxnet’s code is a marker with the digits “19790509” that the researchers believe is a “do-not infect” indicator. If the marker equals that value, Stuxnet stops in its tracks, and does not infect the targeted PC.
The researchers — Nicolas Falliere, Liam O Murchu and Eric Chen — speculated that the marker represents a date: May 9, 1979.
“While on May 9, 1979, a variety of historical events occurred, according to Wikipedia ‘Habib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community,’” the researchers wrote.
Elghanian, a prominent Jewish-Iranian businessman, was charged with spying for Israel by the then-new revolutionary government of Iran, and executed May 9, 1979.
Deep inside the computer worm that some specialists suspect is aimed at slowing Iran’s race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.
That use of the word “Myrtus” — which can be read as an allusion to Esther — to name a file inside the code is one of several murky clues that have emerged as computer experts try to trace the origin and purpose of the rogue Stuxnet program, which seeks out a specific kind of command module for industrial equipment.
Not surprisingly, the Israelis are not saying whether Stuxnet has any connection to the secretive cyberwar unit it has built inside Israel’s intelligence service. Nor is the Obama administration, which while talking about cyberdefenses has also rapidly ramped up a broad covert program, inherited from the Bush administration, to undermine Iran’s nuclear program. In interviews in several countries, experts in both cyberwar and nuclear enrichment technology say the Stuxnet mystery may never be solved.
There are many competing explanations for myrtus, which could simply signify myrtle, a plant important to many cultures in the region. But some security experts see the reference as a signature allusion to Esther, a clear warning in a mounting technological and psychological battle as Israel and its allies try to breach Tehran’s most heavily guarded project. Others doubt the Israelis were involved and say the word could have been inserted as deliberate misinformation, to implicate Israel.
The same report cites Shai Blitzblau, the technical director and head of the computer warfare laboratory at Maglan, an Israeli company specializing in information security, who said he was “convinced that Israel had nothing to do with Stuxnet.”
“We did a complete simulation of it and we sliced the code to its deepest level,” he said. “We have studied its protocols and functionality. Our two main suspects for this are high-level industrial espionage against Siemens and a kind of academic experiment.”
Did Blitzblau present his findings at this week’s VB Conference in Vancouver where Stuxnet was the focus of attention? No — which is not surprising given his vacuous claim to have studied the code at its deepest level while other experts say it will take months to penetrate the thousands of lines of code contained in a 500kB piece of software.
As for why Israeli programmers would have inserted clues about authorship deep inside the malware, the most obvious explanation would be the most prosaic: pride.
Even when the utmost secrecy is called for, there are those who cannot resist the temptation to leave their mark.
As for the significance of another finding — June 24, 2012 is the “kill date” after which the worm will refuse to execute — again, we can only speculate.
Is this the cut-off point for Israel’s campaign of cyber warfare against Iran after which will come the time for real war? Right in the run up to the 2012 US presidential election.
For anyone blogging in the US or most other democratic countries, it’s easy to take freedom of speech for granted. The case of Hossein Derakhshan, an Iranian-Canadian blogger who was just sentenced to 19 years in prison, is a salutary reminder of the dangers individuals face when simply voicing their thoughts in a country like Iran. Earlier reports that he might get a death sentence are believed to have been a way to make his actual sentence appear in some way lenient.
Arrested in October 2008, Derakhshan had been charged with “cooperation with hostile states” and “propagating against the regime”, among other counts, the site said. In addition to the lengthy prison term, he was fined and banned from membership in political parties and work in the media for a period of five years.
“We are shocked,” one of Derakhshan’s relatives told IPS on condition of anonymity due to the sensitivity of the case and fears of a backlash by security forces. “We never expected this to happen. Even according to Iranian laws, he has not done anything to deserve such a harsh sentence.”
Neither the family nor Derakhshan’s lawyer was aware of the sentence until it appeared on Mashreq’s website. His relative told IPS that Derakhshan did say that after two years in prison, “My state of uncertainty has finally ended,” referring to his long detention without any progress in his case.
Mohammad Ali Mahdavi, Derakhshan’s lawyer, told IPS that the verdict still has not been announced even to him. “I’m waiting for the official announcement to start working on the defence bill for the appeals court,” he said, adding, “I prefer to defend my client rather than bringing the case to the media as it might endanger the fate of the case at this phase.”
Judge Abolqasem Salavati is amongst three judges who are well-known for issuing long and harsh sentences for political prisoners, particularly the post-election detainees. His rulings have included the death sentence and numerous long-term prison sentences.
“I believe that first of all, the charges are totally unfounded, and the verdict demonstrates the injustice that many people have been talking about all these years,” Nikahang Kowsar, an award-winning Iranian cartoonist and blogger based in Toronto, where Derakhshan used to live, told IPS.
“Hossein wasn’t a very nice guy to many of us,” Kowsar said. “He criticised many journalists, bloggers and activists for being critical of the Iranian regime and ridiculing Iran’s leaders. He called us ‘agents of neo-liberalism’ or ‘enemies of Iran’ and tried to portray us as the ones willing to sell our nation to the West, but he was absolutely entitled to express his mind.”
Derakhshan, also known as Hoder, has been dubbed Iran’s “Blogfather” for his role in promoting blogging among Iranians via his popular website, hoder.com.
Immediately following the reform era in 1999, Derakhshan was a technology and internet columnist for one of the reformist newspapers in Tehran. In 2000, he moved to Canada and continued his work as a full-time blogger in Toronto.
In 2006, Derakhshan traveled to Israel as a Canadian citizen, a trip that caused a huge controversy in Iran and abroad, as Iranian law forbids Iranian citizens from traveling to Israel.
“We have a saying in Iran: ‘There is freedom of speech in Iran, but there is no freedom after speech in Iran’,” said Kowsar. “His captors are willing to make an example of him for others,” he added.
Derakhshan’s former wife, Marjan Alema, was interviewed on Canadian television earlier today:
An AFP report earlier today reveals that the Stuxnet malware has been found at Iran’s nuclear power plant at Bushehr. (All the blockquotes below are from the AFP report.)
Iranian officials confirm that 30,000 industrial computers in Iran have been hit by Stuxnet yet deny that Bushehr was among those infected.
That might be what Iranian officials believe, but whether it’s a belief based on fact is another matter.
As we get further into this report, it becomes apparent there is a high probability both that Bushehr has been penetrated and that the malware may still be active.
Siemens said its software has not been installed at the plant, and an Iranian official denied the malware may have infected nuclear facilities.
Siemens might not know that its software was installed at the plant, but thanks to a UPI photograph, we know that Bushehr control systems do indeed run on Siemens’ WinCC SCADA system. The warning shown below says: “WinCC Runtime License: Your software license has expired. Please obtain a valid license.”
This is what Ralph Langner, a German industrial security expert, saw as a red flag indicating that the plant is vulnerable to a cyber attack.
“This virus has not caused any damage to the main systems of the Bushehr power plant,” Bushehr project manager Mahmoud Jafari said on Iran’s Arabic-language Al-Alam television network.
“All computer programmes in the plant are working normally and have not crashed due to Stuxnet,” said Jafari, adding there was no problem with the plant’s fuel supply.
The official IRNA news agency meanwhile quoted him as saying the worm had infected some “personal computers of the plant’s personnel.”
And no infected personal computers have been hooked into the plant’s control system?
As indicated in this photograph showing Russian contractors inside Bushehr, the path from a personal computer to the plant’s control system is short and direct.
As for the fact that Bushehr’s control system has not crashed, the fact that the project manager cites this as evidence that the system is malware-free suggests that he does not understand how Stuxnet is designed. Stuxnet monitors process conditions and until those conditions have been met, everything should work fine. This is not like a virus that slows down an operating system.
Given the inside knowledge that Stuxnet’s creators required, it seems quite likely that the moment they would want it to kick into action — assuming that Bushehr was the intended target — would be a moment at which a catastrophic system failure could be attributed to a flaw in the facility’s construction, design or operation. A failure, for instance, as the plant approaches its intended full operational generation capacity. The 1000 megawatt plant is expected to have reached only 40% capacity by the end of December.
Telecommunications minister Reza Taqipour said “the worm has not been able to penetrate or cause serious damage to government systems.”
Again, this statement suggests a lack of understanding about Stuxnet’s highly targeted design and the fact that it is designed not to cause damage elsewhere.
Mahmoud Liayi, head of the information technology council at the ministry of industries said:
…industries were currently receiving systems to combat Stuxnet, while stressing Iran had decided not to use anti-virus software developed by Siemens because “they could be carrying a new version of the malware.”
“When Stuxnet is activated, the industrial automation systems start transmitting data about production lines to a main designated destination by the virus,” Liayi said.
“There, the data is processed by the worm’s architects and then engineer plots to attack the country.”
If this is the official consensus, Iranian facilities such as Bushehr are as vulnerable now as they were before anyone knew about Stuxnet. Liayi’s statement suggests that Stuxnet is being viewed as a tool of espionage designed to facilitate rather than execute sabotage.
In an interview on Bloomberg TV, Richard Falkenrath suggested that Israel is the most likely source of the Stuxnet malware which seems designed to cripple industrial facilities in Iran.
Falkenrath is currently the Deputy Commissioner of Counter-Terrorism for the NYPD and held several positions in the George W Bush White House including Deputy Assistant to the President and Deputy Homeland Security Advisor.
The Associated Press says that experts from Iran’s nuclear agency met this week to discuss how to combat the Stuxnet attack on Iranian facilities, according to the semi-official ISNA news agency.
The director of the Information Technology Council of the Industries and Mines Ministry has announced that the IP addresses of 30,000 industrial computer systems infected by this malware have been detected, the Mehr News Agency reported on Saturday.
“An electronic war has been launched against Iran,” Mahmoud Liaii added.
“This computer worm is designed to transfer data about production lines from our industrial plants to (locations) outside of the country,” he said.
He also announced that a working group composed of representatives from the Communications and Information Technology Ministry, the Industries and Mines Ministry, and the Passive Defense Organization has been set up to find ways to combat the spyware.
Graph shows concentration of Stuxnet-infected computers in Iran as of August. Source: Symantec
Eugene Kaspersky, co-founder and chief executive officer of Kaspersky Lab, says that the creation of Stuxnet marks the beginning of the new age of cyber-warfare.
Speaking at the Kaspersky Security Symposium with international journalists in Munich, Germany, Kaspersky described Stuxnet as the opening of “Pandora’s Box.”
“This malicious program was not designed to steal money, send spam, grab personal data, no, this piece of malware was designed to sabotage plants, to damage industrial systems,” he said.
“I am afraid this is the beginning of a new world. [The] 90’s were a decade of cyber-vandals, 2000’s were a decade of cybercriminals, I am afraid now it is a new era of cyber-wars and cyber-terrorism,” Kaspersky added.
Among industrial security experts who are convinced that Iran is the target of the Stuxnet attack, a debate has opened up around which facility the malware was designed to strike.
Frank Rieger, a German researcher with GSMK, a Berlin encryption firm, suggests that the Natanz enrichment facility looks like the most likely target. He laid out his reasoning to the Christian Science Monitor.
• Stuxnet had a halt date. Internal time signatures in Stuxnet appear to prevent it from spreading across computer systems after July 2009. That probably means the attack had to be conducted by then – though such time signatures are not certain.
• Stuxnet appears designed to take over centrifuges’ programmable logic controllers. Natanz has thousands of identical centrifuges and identical programmable logic controllers (PLCs), tiny computers for each centrifuge that oversee the centrifuge’s temperature, control valves, operating speed, and flow of cooling water. Stuxnet’s internal design would allow the malware to take over PLCs one after another, in a cookie-cutter fashion.
“It seems like the parts of Stuxnet dealing with PLCs have been designed to work on multiple nodes at once – which makes it fit well with a centrifuge plant like Natanz,” Rieger says. By contrast, Bushehr is a big central facility with many disparate PLCs performing many different functions. Stuxnet seems focused on replicating its intrusion across a lot of identical units in a single plant, he says.
Natanz also may have been hit by Stuxnet in mid-2009, Rieger says. He notes that “a serious, recent, nuclear accident” was reported at that time on WikiLeaks, the same organization that recently revealed US Afghanistan-war documents. About the same time, the BBC reported that the head of Iran’s nuclear agency had resigned.
Lending some credence to the notion that Stuxnet attacked more than a year ago, he says, is the International Atomic Energy Agency’s finding of a sudden 15 percent drop in the number of working centrifuges at the Natanz site.
Even though Natanz would seem like a logical target to choose if the objective of the attackers was to disrupt Iran’s nuclear program, Rieger’s inference — that the halt date preventing Stuxnet spreading means the attack had to take place before July 2009 — is questionable, for at least two reasons.
Firstly, given that the designers had a very specific target, their aim is likely to have been to penetrate that target while trying to limit the proliferation of the malware and thus reduce the risks of the operation’s exposure.
As previously reported, another German industrial security expert, Ralph Langner, has speculated that the Bushehr nuclear reactor is the most likely target. He bases this theory on various pieces of circumstantial evidence.
Firstly, it is known that Bushehr uses the Siemens SCADA systems that Stuxnet targets and that access to these systems available to Russian contractors working on the facility would allow the malware to be installed through USB memory sticks.
Secondly, photographic evidence shows that the facility had very weak cyber security.
A journalist’s photo from inside the Bushehr plant in early 2009, which Langner found on a public news website, shows a computer-screen schematic diagram of a process control system – but also a small dialog box on the screen with a red warning symbol. Langner says the image on the computer screen is of a Siemens supervisory control and data acquisition (SCADA) industrial software control system called Simatic WinCC – and the little warning box reveals that the software was not installed or configured correctly, and was not licensed. That photo was a red flag that the nuclear plant was vulnerable to a cyberattack, he says.
“Bushehr has all kinds of missiles around it to protect it from an airstrike,” Langner says. “But this little screen showed anyone that understood what that picture meant … that these guys were just simply begging to be [cyber]attacked.”
The picture was reportedly taken on Feb. 25, 2009, by which time the reactor should have had its cybersystems up and running and bulletproof, Langner says. The photo strongly suggests that they were not, he says. That increases the likelihood that Russian contractors unwittingly spread Stuxnet via their USB drives to Bushehr, he says.
“The attackers realized they could not get to the target simply through the Internet – a nuclear plant is not reachable that way,” he says. “But the engineers who commission such plants work very much with USBs like those Stuxnet exploited to spread itself. They’re using notebook computers and using the USBs to connect to one machine, then maybe going 20 yards away to another machine.”
Langner also cites international concern about the Bushehr reactor becoming operational.
This is a somewhat weaker strand of his argument. After all, the existence of this Russian-fueled reactor was widely seen as a demonstration of the fact that Iran could, if it chooses, have a civilian nuclear energy program without any need for a uranium enrichment program.
There is however another argument that can be made in which Bushehr becomes the target of cyberwarfare, even if it might not be a vital node in Iran’s nuclear program. In this scenario, Stuxnet would not be designed to perform its function until the reactor becomes fully operational. At that point, the malware would not simply stop the reactor working — it would trigger a Chernobyl-type nuclear meltdown.
Why would the attackers want to precipitate such a catastrophic event?
In the hope that such an “accident” would make the Iranian government look unfit to safely operate any kind of nuclear program.
To undermine Iranian domestic support for the program.
To alienate Iran from its Gulf neighbors who would be exposed to the fallout.
When John Bolton was last month melodramatically counting the days left for Israel to launch a missile strike on Bushehr, it was ostensibly because once the plant was fueled the Israelis would no longer be willing to risk the lives of so many in the region. With Gulf shipping lanes also closed down for an indeterminate period after an Israeli strike, the global economic impact would be severe.
On the other hand, in the event that Israel struck but did not fire a single missile and could not be shown to be responsible, the results of its own cost-benefit analysis — vastly different from that of the US — might make a devastating cyber attack on Bushehr seem well worth the risk.
In an analysis of Israel’s expanding cyberwarfare capabilities, Scott Borg, director of the US Cyber Consequences Unit, which advises various Washington agencies on cyber security, told Reuters last year that an Israeli attack on an Iranian nuclear facility could employ “malware loitering unseen and awaiting an external trigger, or pre-set to strike automatically when the infected facility reaches a more critical level of activity.”
The decision by Iranian authorities to announce that they have an ongoing investigation on how to thwart Stuxnet suggests that they may now also be reassessing the risks of bringing Bushehr online as a fully operational facility.
Postscript: Even though discussion on the whole subject of Stuxnet’s purpose and origin is at this point highly speculative, some readers may view my suggestion that the goal is to cause a Chernobyl-type disaster to be a particularly wild conjecture. Maybe it is, but here’s a little more of my thinking on why that would be a plausible objective.
There is little reason to doubt that Israeli leaders from across the political spectrum are serious in their stated objections to Iran’s nuclear program. (Whether those objections correspond with Iran’s genuine nuclear ambitions is another question, as is the question of whether a nuclear-armed Iran would actually pose an existential threat to Israel.)
Among analysts inside and outside Israel there is a broad consensus that military action aimed at crippling Iran’s nuclear facilities would accomplish no more than cause a setback of a few years in the program. The same applies to sabotage.
Given the broad national support the nuclear program has, there is also reason to doubt that regime change would necessarily result in Iran’s enrichment program being scrapped.
What those who fear a nuclear-armed Iran hope to see is a credible political shift as a result of which Iran’s nuclear intentions are no longer in doubt and are demonstrably peaceful. (Which is to say, an ideal end-state similar to the one adopted by South Africa when it chose to abandon nuclear weapons — an ironic comparison of course, given that it was Israel that helped South Africa become a nuclear-armed state.)
For that reason, coercion (through sanctions) and military force are both potentially counterproductive in that pressure generally produces resistance.
On the other hand, the desired outcome might be reached if the Iranians through their own volition came to the conclusion that the costs of nuclear development outweighed the benefits. A catastrophic “accident” might be instrumental in bringing about a change of perspective through which for Iran as a nation, nuclear power lost most of its appeal.
Needless to say, if such an accident was exposed to be the result of an Israeli cyber attack, the plan would dangerously backfire.
Do intelligence agencies come up with such reckless plans? All the time.
Inveterate gamers will no doubt see another possibility here — that Stuxnet is part of a psy-ops plan designed to provoke a greater fear of catastrophic damage than it can actually cause. Possibly, but to identify and then exploit four Windows vulnerabilities suggests that the creators of this malware were willing to employ every possible resource at their disposal. In other words, they were seriously intent on doing damage — not just provoking fear.
At that point it was already understood that the Stuxnet computer worm was almost certainly targeting Iran since that was the location of 60% of the computer systems affected. Moreover, since the worm targets Siemens SCADA (supervisory control and data acquisition) management systems that control energy utilities, and since its design strongly suggested that it had been created for sabotage, it seemed likely that the specific target was Iran’s nuclear program.
A German team of industrial cyber security experts who have analyzed the way the worm operates now claim that it may have been designed to attack the newly operational Bushehr nuclear reactor.
Ralph Langner envisages that the highly sophisticated attack would have required a preparation team that included “intel, covert ops, exploit writers, process engineers, control system engineers, product specialists, military liaison.”
Since reverse engineering chunks of Stuxnet’s massive code, senior US cyber security experts confirm what Mr. Langner, the German researcher, told the Monitor: Stuxnet is essentially a precision, military-grade cyber missile deployed early last year to seek out and destroy one real-world target of high importance — a target still unknown.
“Stuxnet is a 100-percent-directed cyber attack aimed at destroying an industrial process in the physical world,” says Langner, who last week became the first to publicly detail Stuxnet’s destructive purpose and its authors’ malicious intent. “This is not about espionage, as some have said. This is a 100 percent sabotage attack.”
On his website, Langner lays out the Stuxnet code he has dissected. He shows step by step how Stuxnet operates as a guided cyber missile. Three top US industrial control system security experts, each of whom has also independently reverse-engineered portions of Stuxnet, confirmed his findings to the Monitor.
“His technical analysis is good,” says a senior US researcher who has analyzed Stuxnet, who asked for anonymity because he is not allowed to speak to the press. “We’re also tearing [Stuxnet] apart and are seeing some of the same things.”
Other experts who have not themselves reverse-engineered Stuxnet but are familiar with the findings of those who have concur with Langner’s analysis.
“What we’re seeing with Stuxnet is the first view of something new that doesn’t need outside guidance by a human – but can still take control of your infrastructure,” says Michael Assante, former chief of industrial control systems cyber security research at the US Department of Energy’s Idaho National Laboratory. “This is the first direct example of weaponized software, highly customized and designed to find a particular target.”
“I’d agree with the classification of this as a weapon,” Jonathan Pollet, CEO of Red Tiger Security and an industrial control system security expert, says in an e-mail.
Langner’s research, outlined on his website Monday, reveals a key step in the Stuxnet attack that other researchers agree illustrates its destructive purpose. That step, which Langner calls “fingerprinting,” qualifies Stuxnet as a targeted weapon, he says.
Langner zeroes in on Stuxnet’s ability to “fingerprint” the computer system it infiltrates to determine whether it is the precise machine the attack-ware is looking to destroy. If not, it leaves the industrial computer alone. It is this digital fingerprinting of the control systems that shows Stuxnet to be not spyware, but rather attackware meant to destroy, Langner says.
Langner speculates that Iran’s Bushehr nuclear power plant may have been the Stuxnet target. He also writes: “The forensics that we are getting will ultimately point clearly to the attacked process — and to the attackers. The attackers must know this. My conclusion is, they don’t care. They don’t fear going to jail.”
If Bushehr was indeed the target, it may have presented itself first and foremost as a target of opportunity. From the point of view of governments with an interest in sabotaging Iran’s nuclear program, Bushehr would not be the most attractive target, but access provided to Russian contractors may have made it the easiest target.
Last September, Reuters reported: “Israel has been developing ‘cyber-war’ capabilities that could disrupt Iranian industrial and military control systems.”
So let’s assume that using Stuxnet, Israel has indeed launched the world’s first precision, military-grade cyber missile. What are the implications?
1. Iran has been served notice that not only its nuclear facilities but its whole industrial infrastructure is vulnerable to attack. As Trevor Butterworth noted: “By demonstrating how Iran could so very easily experience a Chernobyl-like catastrophe, or the entire destruction of its conventional energy grid, the first round of the ‘war’ may have already been won.”
2. The perception that it has both developed capabilities and shown its willingness to engage in cyberwarfare will serve Israel as a strategic asset even if it never admits to having launched Stuxnet.
3. When it comes to cyberwarfare, Israel ranks as a major global power. Its own tiny infrastructure makes it much less vulnerable to attack than is the sprawling infrastructure of the United States. Its highly developed military IT industry means that it not only has great domestic human resources but that Israeli IT specialists, through research and employment, have the best possible access to most of the leading development facilities and vendors around the world.
4. As a cyber arms race takes off, we should not imagine that it will be like other arms races where power resides more in capabilities than in the use of those capabilities. “Whereas nuclear weapons have been used twice in human history, cyber weapons are employed daily and there is therefore an existential need to create some form of regulatory system that allows more than implicit deterrence,” says Robert Fry.
5. If AQ Khan demonstrated the ease with which a nuclear proliferation network can operate, the fact that the raw material upon which cyberwarfare is based is arguably the most easily transferable object on the planet — computer code — means that in certain ways the era of cyberwarfare may prove to be more dangerous than the nuclear era.
6. In the strategic landscape of cyberwarfare the most dangerous player may turn out to be a small but highly developed fortress-state that feels threatened by much of the rest of the world; that neither trusts nor is trusted by any of its allies; that sees its own stability enhanced by regional instability; that has seen its own economic fortunes rise while the global economy suffers; and that views with contempt the notion of an international community.
The strange saga of a Toronto-based blogger jailed in Iran on propaganda charges took an alarming twist Tuesday after his supporters said prosecutors requested the death penalty.
Hossein Derakhshan is known as the Iranian “blogfather” for launching the dissident Persian blogosphere — an act of defiance he committed from Toronto, where he lived for eight years after becoming a Canadian citizen.
Toronto was the launching pad for his most daring cyber-caper, when he visited Israel on his Canadian passport and blogged from inside Iran for a massive Persian-speaking web following.
“Hoder,” as Derakhshan calls himself online, was arrested after returning to Iran in the fall of 2008 and jailed for almost two years before facing trial this June. Family and supporters learned Monday night he could face execution.
Just over a year ago, as Iranians took to the streets to protest the disputed presidential election, Andrew Sullivan declared: “The Revolution Will Be Twittered.”
Marveling at the ability of Twitter to empower the people, Sullivan wrote:
That a new information technology could be improvised for this purpose so swiftly is a sign of the times. It reveals in Iran what the Obama campaign revealed in the United States. You cannot stop people any longer. You cannot control them any longer. They can bypass your established media; they can broadcast to one another; they can organize as never before.
One young man, Austin Heap, inspired by the revolutionary potential of new technologies, saw at that moment an opportunity to further empower the Green Movement by creating a tool to protect Iranian dissidents for whom internet anonymity had become a life-or-death imperative.
This is how its creators described their revolutionary tool:
Haystack is a computer program that allows full, uncensored access to the internet even in areas with heavy internet filtering such as Iran. We use a novel approach to obfuscating traffic that is exceptionally difficult to detect, much less block, but which at the same time allows users to security [sic] use normal web browsers and network applications.
To securely use? Perhaps the copy editing on Haystack’s FAQ provided a clue about how carefully they would go about writing computer code.
After wowing the media — and the Obama administration, which provided a rarely granted special license to distribute the software in Iran — it turns out that Haystack has not only failed to live up to expectations, but it may have also placed thousands of Iranian dissidents at risk.
Evgeny Morozov, who blogs at Foreign Policy, was one of the few skeptics.
It all sounded great in theory, until security professionals began asking Austin Heap for a copy of Haystack’s code. (The program was never made available for download.) Every time someone would ask for a copy of Haystack, Heap would demur, explaining that releasing a copy of the program would imperil the project’s security. As the code stayed under wraps, the admiring reviews of Haystack — a program that no one in the media had ever seen — continued to pour in, and the project continued to raise money. While the funding details remain murky, Haystack did get at least one sizable grant — $50,000 from the global advocacy group Avaaz.org.
Heap’s ambitious plans for Haystack went far beyond Iran. In May, he told NPR that he was already working on exporting the program to at least two other countries. As Heap explained to Newsweek in August, “We will systematically take on each repressive country that censors its people. We have a list. Don’t piss off hackers who will have their way with you. A mischievous kid will show you how the Internet works.”
As Heap promised to tear down censorship worldwide, a group of Iranians began to test Haystack inside the country. It didn’t work. On top of the fact that it couldn’t pierce the Iranian firewall, Haystack was extremely insecure. The program’s security holes are so severe, in fact, that describing them here could help the Iranian government retroactively hunt down anyone who ever tested Haystack in Iran. In essence, Heap’s haystack was very, very small and the needle buried within carried GPS coordinates.
Members of the Censorship Research Center [the non-profit backing Haystack] said they were withdrawing the Haystack tool and asked that all remaining copies be destroyed. The move came after hacker Jacob Appelbaum called Haystack “the worst piece of software I have ever had the displeasure of ripping apart” and warned it could jeopardize the lives of Iranians who used it.
The project’s lead developer said here he was resigning. Those remaining vowed to have the program reviewed by outside auditors and then released as an open-source package.
It remains unclear how many people ever used Haystack and whether anyone actually depended on it to cloak their online activities from the prying eyes of Iran’s government. What is free from any doubt is the tremendous amount of uninformed adulation the program creators received from mostly mainstream news outlets.
Beyond the overblown expectations about technologically-enabled revolution, the Haystack story also points to the consequences of an inexorable historical trend.
As technological expertise has become progressively more specialized, the gap between user knowledge and producer knowledge has grown increasingly wide — to a point where for the vast majority of people, every piece of technology upon which we depend operates in ways utterly beyond our understanding.
Whereas the ability to understand how things work once formed many strands of common knowledge, we now share common ignorance. We pursue knowledge down much narrower tracks and on this basis repeatedly make naive assumptions about expertise whose quality we are unqualified to assess.
Why did so many journalists believe that Haystack could do what Austin Heap claimed it could? For a good number his credibility was probably based on little more than the fact that he was a geek from Silicon Valley.
As for the immediate impact of Haystack’s failure, the means through which Heap planned to expand its use — by initially sharing it with selected activists and trusted individuals on an invitation-only basis — could have made the software function like a Trojan Horse serving the Iranian regime.
Perhaps the most damning assessment of Haystack comes from the software’s lead developer, Daniel Colascione, who wrote in a letter of resignation:
I regret that we exposed anyone to undue risk, and that we deprived citizens of the effective anti-censorship tool that might have been. I regret standing silently while I listened to empty promises — and I especially regret that this whole ordeal has scarred the anti-censorship landscape so badly that it may be years before anything grows there again.
The lesson of the famous Millennium 2002 Challenge was that a cumbersome military machine that over-invests in high tech weaponry is vulnerable to swarming attacks. In the $250 million war game such an attack resulted in most of the US fleet being sunk within hours.
With the development of the F-35 Joint Strike Fighter — the most expensive defense program ever — going ahead, it looks like the Pentagon is still stuck in the past. Iran on the other hand — the country that grasps the jugular vein through which most of the world’s oil supply flows (the Strait of Hormuz) — today made clear that it knows exactly how to flex its muscles in that arena and it will do so with vessels designed for lethal swarming.
Iran began mass-producing two high-speed variants of missile-launching assault boats on Monday, warning its enemies not to “play with fire” as it boosts security along its coastline.
The inauguration of the production lines for the Seraj and Zolfaqar speedboats comes a day after President Mahmoud Ahmadinejad unveiled Iran’s home-built bomber drone, which he said would deliver “death” to Iran’s enemies.
The United States expressed concern about the Islamic republic’s growing military capabilities.
Iran’s state news agency IRNA reported that the Seraj (Lamp) and Zolfaqar (named after Shiite Imam Ali’s sword) boats would be manufactured at the marine industries complex of the defence ministry.
Defence Minister Ahmad Vahidi opened the assembly lines, saying the vessels would help to strengthen Iran’s defences, IRNA said.
“Today, the Islamic Republic of Iran is relying on a great defence industry and the powerful forces of Sepah (Revolutionary Guards) and the army, with their utmost strength, can provide security to the Persian Gulf, the Sea of Oman and Strait of Hormuz,” Vahidi said.
He issued a stern warning to Iran’s foes.
“The enemy must be careful of its adventurous behaviour and not play with fire because the Islamic Republic of Iran’s response would be unpredictable,” IRNA quoted him as saying.
“If enemies attack Iran, the Islamic Republic of Iran’s reaction will not be restricted to one area. The truth of our defence doctrine is that we will not attack any country and that we extend our hand to all legitimate countries.”
Meanwhile, in yet another response to Jeffrey Goldberg’s prediction of an Israeli attack on Iran, the former UN chief weapons inspector, David Kay, suggests that Israel is using the issue in order to press the Obama administration to ease its pressure on settlements and the need to make concessions to the Palestinians.
… Israel is engaged in psychological warfare with the Obama administration — and it only partly concerns Iran.
With regard to Iran, Israel clearly understands that any unilateral military action it took against Iran without U.S. knowledge and support could have consequences of strategic importance for Israel and might even make an attack on Iran of limited benefit. Israel would much rather have the U.S. with it in an attack on Iran, or, even better, would be if the U.S. executed the attack entirely on its own.
But beyond Iran, of probably greater importance to the current Israeli government is avoiding the Obama administration pushing it into a choice between settlements and territorial arrangements with the Palestinians that it is unwilling to make and permanent damage to its relationship with the U.S. Hyping the Iranian nuclear program and the need for early military action is a nice bargaining counter. The U.S. certainly cannot join or lead an attack on Iran while pushing the Israeli government to the brink on settlements and concessions to the Palestinians. Or if the U.S. wants to avoid an imminent Israeli strike, it must make concessions to Israel on the Palestinian issues.