assessments

Jan 17, 2011 | 19:12 GMT

6 mins read

The U.S.-Israeli Stuxnet Alliance

Getty Images
Summary
The New York Times published an article Jan. 15 detailing cooperation between the United States and Israel in developing the Stuxnet worm. The report details some elements of unprecedented and extensive operational cooperation among U.S. and Israeli intelligence services to develop and release the cyberweapon.
The New York Times published an article Jan. 15 detailing the cooperation between the United States and Israel in developing the Stuxnet worm. Speculation has been rife about who created the cyberweapon, and if the Times' sources are accurate, the list of possibilities has been narrowed down to a clandestine alliance against the Iranian nuclear program. Creating Stuxnet involved three major components, which STRATFOR noted would require major state resources: technical intelligence on the technology used in Iran's nuclear facilities; programming and testing capabilities; and human access to the facilities. The report only details some of the first and second components, describing cooperation among multiple agencies in the U.S. and Israel. Intelligence services, particularly British and U.S. intelligence, have cooperated in the past, but not at the level that led to Stuxnet's creation. According to the article in The New York Times, Stuxnet's development goes back to at least 2008 when German-owned Siemens cooperated with the Idaho National Laboratory, a U.S. government lab responsible for nuclear reactor testing, to examine the vulnerabilities of computer controllers that Siemens sells to operate industrial machinery worldwide. Most likely, the U.S. Department of Energy and Siemens saw it as part of the post-9/11 security procedures for protecting U.S. infrastructure. In July 2008, the Department of Homeland Security-sponsored project presented its findings at a public conference in Chicago. While it is possible that those writing or requesting the report knew this information would be used to attack an industrial facility run by Siemens' Process Control System 7 — the subject of the study and system used in Iran's centrifuge facilities — they likely knew nothing of the United States and Israel's secret plans. The CIA had been developing a method to damage Iran's centrifuges since at least 2004. The Iranians were attempting to operate a domestic copy of what is known as the P-1 centrifuge — Pakistan's first-generation centrifuge, the plans for which were distributed by the A.Q. Khan network. U.S. and British scientists failed to get the P-1 centrifuge operating properly. The Israelis were able to operate P-1 centrifuges for testing purposes at the Dimona nuclear facility (famous for creating Israel's first nuclear weapon). The New York Times' sources indicate that the Israelis had a great deal of difficulty running the P-1s. However, they were able to test Stuxnet in a controlled environment. Assuming the New York Times' confidential sources are accurate — the information in the article does seem to come from a number of U.S. and Israeli officials — details are now available on two parts of Stuxnet's development. The Idaho research would give Stuxnet's developers some targeting characteristics, though it still does not explain how Stuxnet was able to target Iran's facilities specifically. The testing at Dimona would also verify that such a program would work and, while spreading to thousands of computers worldwide, would only damage its very specific target. Since news of Stuxnet first became public, various sources have confirmed its success. Multiple Iranian officials, including President Mahmoud Ahmadinejad, have admitted it caused some damage to Iran's nuclear facilities. Reports from the International Atomic Energy Agency describe major disruptions in Iranian centrifuge operations. In another report, the Institute for Science and International Security found that 984 centrifuges were taken out of the Natanz enrichment facility in 2009. This is the exact number of centrifuges linked together that Stuxnet was targeting, according to Langner, a network security company that first analyzed Stuxnet. The New York Times report leaves questions about how intelligence was gathered in order to target that specific number of centrifuges. It also does not detail how the worm gained access to the Natanz facility. While the worm was designed to spread on its own, the United States or Israel most likely had agents with access to Natanz or access to the computers of scientists who might unknowingly spread the worm on flash drives. This would guarantee its infiltration into the Iranian systems and, the developers hoped, its success. In all probability, an operational asset with access to the Iranian facilities was used to help introduce the Stuxnet worm into the Iranian computer systems. Many secrets remain about how the United States and Israel orchestrated this attack, the first targeted weapon spread on computer networks in history. What it does show is unprecedented cooperation among U.S. and Israeli intelligence and nuclear agencies to wage clandestine sabotage operations against Iran. Rumors of an agreement between the countries have been swirling since Washington denied permission for a conventional Israeli attack in 2008. On Dec. 30, 2010, French newspaper Le Canard Enchaine reported that U.S. and British intelligence services agreed to cooperate with Mossad in a clandestine program if the Israelis promised not to launch a military strike on Iran. The New York Times report, assuming its sources are accurate, verifies that this kind of cooperation is ongoing. STRATFOR originally listed nine countries that could have developed Stuxnet and suggested that cooperation between Washington and other countries might have been behind the worm's creation. Stuxnet was a major undertaking that it appears one country could not develop on its own. While international intelligence cooperation is common, especially Mossad's development of liaison networks, most of this is limited to passing information. Stuxnet could be the first publicly recorded incident of such extensive operational cooperation between two or three countries. Usually, individual countries protect their weapons development and intelligence operations, of which Stuxnet is a cyber version, very carefully. But it appears this weapon was not something the United States could develop, and perhaps implement, on its own. While cooperation occurs for major weapons development, such as U.S. and British cooperation on nuclear weapons, it is rare to cooperate in intelligence collection, weapons development and covert operations all at once. Stuxnet does not address the issue of Iran's emergence as the major power in the Middle East, though it has without a doubt caused a major delay for its nuclear program. Iran announced the same day as the New York Times report that it plans to produce centrifuges domestically — possibly because of the Stuxnet worm or because of the unreliability of the P-1 centrifuge. Domestically produced centrifuges will present new challenges for Iran and could be the reason for the longer timelines U.S. and Israeli intelligence officials have given for the production of an Iranian nuclear weapon. While intelligence officers can claim a tactical success in Stuxnet, intelligence cooperation still faces the challenges of Iran's conventional military capability; its proxies in Iraq, Lebanon and Gaza; and ability to attempt to close the Strait of Hormuz — the true sources of its regional rise.

Article Search

Copyright © Stratfor Enterprises, LLC. All rights reserved.

Stratfor Worldview

OUR COMMITMENT

To empower members to confidently understand and navigate a continuously changing and complex global environment.

GET THE MOBILE APPGoogle Play