Security, fear and Stuxnet

Roman Poroshyn’s brief book (156 pages) provides an excellent overview of Stuxnet within the larger context of cyber-warfare and espionage in the Middle East. Unlike another book on the same topic, Kim Zetter’s Countdown to Zero, it is not based on extensive interviews, nor does it focus in as great a depth upon the process through which the virus was investigated by global cyber security firms. Instead, with Stuxnet: the true story of Hunt and Evolution, Poroshyn tries to place Stuxnet into a broader context of espionage and cyber-warfare directed against not only Iran, but also other institutions in the Middle East, such as the Lebanese banking system. The book is an engaging read (despite the awkward wording of its subtitle), and Poroshyn shares a number of intriguing insights, of which the most interesting was that Stuxnet’s creators ultimately may have allowed it to be revealed to the world as an act of psychological warfare (33-35, 154-155). One of Poroshyn’s other arguments is that Stuxnet is only one chapter in a much longer struggle, which is convincing given his detailed analysis of successive software tools (Flame, Gauss, Narilam, and perhaps Stars) that Israel and the United States likely used against Iran and other regional actors.

One of the book’s strengths is its ability to convey the intelligence of the software design behind this particular cyberweapon. For example, Stuxnet entered into the Iranian nuclear enrichment network through USB sticks, because the network was air-gapped (lacked an internet connection) to the outside world. The level of deceit entailed is chilling: “After the third infection the original Stuxnet worm commits suicide. It deletes itself from the USB stick without leaving a trace” (18). Perhaps most impressive was the fact that it used the very tools for securing machines to infect them: “The perfect match for all of Stuxnet’s requirements is a computer scan process, generated by antivirus software. Stuxnet injects its clone into a variety of processes generated by anti-virus programs from BitDefender, Kaspersky, McAfee, Symantec, and many others” (19). The program was so effective that it briefly shut down the entire Iranian enrichment program (22). Of course, the Iranians ultimately were able to return to significant production. What is impressive, however, is that it achieved this goal, which would have been difficult to achieve even with a conventional airstrike against such a hardened site as the Iranian enrichment facility. It also had dangerous implications: “Russia, which is involved in the reconstruction of the Iranian nuclear reactor in Busher, immediately accused Stuxnet of problems associated with the reactor’s reconstruction, and blamed Stuxnet for all delays” (37). There seems to be little evidence for this allegation, but once the attack is made, other actors may also view themselves as being threatened (or treat the attack as a convenient excuse).

There is reason to believe, as Poroshyn suggests, that there are other versions of this particular weapon in existence, only biding their time to be unleashed (53). This book is currently in its third edition. It will be interesting to learn what has happened when the fourth edition is released.

If you are interested in cyber-warfare you might want to read my review of the novel Ghost Fleet.

Shawn Smallman, 2016

The Vela Incident

Image of satellite courtesy of dream designs at freedigitalphotos

On September 22, 1979, an aging American spy satellite detected a powerful flash of light that was so deep in the southern oceans that it was unclear if the flash was in the South Atlantic or the Indian Ocean. National security authorities soon notified President Jimmy Carter that there had been a nuclear test. But had there really been one? The issue mattered because at the heart of the Partial Nuclear Test Ban Treaty of 1963 was the belief that the United States (and the Soviet Union) could detect clandestine explosions. The President convened a special task force to determine what the satellite had observed. In the end, the committee decided that the flash most likely resulted from a micro-meteorite hitting the satellite, rather than an event on earth. Many defense observers with considerable expertise held a different view. The debate has continued over three decades, with the consensus shifting as first one piece of new evidence comes forward, only to be countered by the next revelation. So what exactly happened deep over the southern oceans? …