« Dude's Less Comfortable and Articulate on Camera Than I Am | Main | Emmanuel "Someone Spit On Me When He Was Talking" Cleaver: Hey, I've Got A Great Idea-- A $48 Billion Earmark to Redistribute Money to the Urban Poor »
December 15, 2010

Intelligence Estimate: Stuxnet Set Back Iran's Nuclear Program By Two Years

Experts guess the IDF did it, but in a second article I'll link in a second there's plenty of speculation it was the US, too.

The Stuxnet virus, which has attacked Iran’s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic’s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program’s code told The Jerusalem Post on Tuesday.

“It will take two years for Iran to get back on track,” Langer said in a telephone interview from his office in Hamburg, Germany. “This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.”

...

Last month, the International Atomic Energy Agency (IAEA), the United Nation’s nuclear watchdog, said that Iran had suspended work at its nuclear-field production facilities, likely a result of the Stuxnet virus.

This long piece from Newsweek (which I'll digest if you're boycotting) gives me some hope that someone, somewhere in the intelligence committee knows what the fuck they're doing.

In case you didn't know how Stuxnet worked (I didn't), here's the brief: The high-speed centrifuges spin so quickly they need very careful monitoring by a computer program to slow them or speed them up or balance them. Obviously, this happens far too quickly for any human being to be able to handle it; it's automated. If they spin wrong, it causes mechanical damage and break-downs.

The Stuxnet was introduced physically to the computers monitoring the centrifuges physically by a USB drive or the like (and possibly unknowingly; a technician might have had his thumb-drive secretly infected). It then waited for a while, spreading itself around. At an appointed time it began to deliberately cause the centrifuges to spin wrong and thus the break-downs; many centrifuges are broken or out of service.

One thing about the worm that didn't quite work is that it was supposed to disappear, invisibly, probably so that the Iranian scientists would never discover what the problem was; or to possibly prevent replication by enemy hackers; or perhaps to not leave a trail (for legal reasons, Newsweek guesses, but what? What, is Iran going to sue?); or perhaps to make sure the Stuxnet never somehow got out and started screwing up non-targeted machines by accident.

But the worm was discovered, and is now being analyzed by hackers and cyber-security expert, who call it a work of art.

The real damage to the Iranian nuclear program, however, was done by Stuxnet—the most sophisticated computer worm ever detected and analyzed, one targeting hardware as well as software, and a paradigm of covert cyberweapons to come. “Stuxnet is the start of a new era,” says Stewart Baker, former general counsel of the U.S. National Security Agency. “It’s the first time we’ve actually seen a weapon created by a state to achieve a goal that you would otherwise have used multiple cruise missiles to achieve.”

According to figures compiled by David Albright of the Institute for Science and International Security, a Washington think tank that follows the Iranian program closely, Tehran had major problems bringing new centrifuges online throughout 2009. The first 4,000 already installed at the Natanz facility continued to spin, but the next 5,000 were beset by delays. The worst problems came in an array of centrifuges known as A-26, which Iran began installing in late 2008—around the time Stuxnet was sent on its mission. In the late summer of 2009, half the functioning A-26 centrifuges had to be pulled out of service. At the turn of this year, Albright has learned, 1,000 more simply broke down. This may have been the “limited number” Ahmadinejad was talking about. [Reference is to a previous quote in which Ahmadinejad reversed the state's official line that the attack was ineffective and conceded that a "limited number" of centrifuges were temporarily taken off-line.]

This makes it seem dispositive that it was state action, and not, say, some White Hat hackers deciding to do some good on their own:

What’s clear, says Clarke, is that major resources went into Stuxnet’s development. Microsoft estimates that building the virus likely took 10,000 man-days of labor by top-rank software engineers. Unlike most of the worms and viruses that wreak havoc on computers, this one was not designed to spread far and wide, doing damage wherever it landed. It is structured to target a specific set of devices manufactured only in Finland and Iran that are used to determine the speed at which the centrifuges rotate. If that speed is not modulated perfectly, vibrations make the machines break down, as indeed they have. According to Eric Chien of the antivirus firm Symantec, who has pulled Stuxnet apart like a strand of DNA, all that incredibly complex information was built into it before it ever infected the Iranian system. Clarke suggests that whoever developed Stuxnet probably had the same types of software and centrifuges on which to run tests. “That’s expensive,” he says. “That’s millions of dollars.”

The article also discusses the assassinations of the Iranian scientists. Newsweek's guess is that Israel did the violent stuff, and America did the Stuxnet, but Israel also has a legendary cyber unit that could be responsible.

The last couple of paragraphs stress that the super-sophisticated, 10,000+ man-days worm, now having been discovered, can be modified and used as weapon by others.


digg this
posted by Ace at 03:07 PM

| Access Comments




Recent Comments
flounder, rebel, vulgarian, deplorable, winner: "[i]398 303 Or in a worst case block sites altog ..."

Archer: "What does ALGOREMANBEARPIG have to say, since he i ..."

Your Decidedly Devious Uncle Palpatine, Booking Agent, Aero Pinochet: "413. Leave the shelf. Take the server. ..."

Meremortal: "Posted by: Vic We Have No Party at December 14, 20 ..."

Half Senile Soothsayer -- Fake Commenter: " Yeah, I can't live without AoS. But I am run ..."

All Hail Eris, She-Wolf of the 'Ettes 'Ettes: "Our apartment building is having a Christmas party ..."

Skip: "Internet speed has gone through the roof and is ch ..."

Royer gen Cliffton-Gryms: "Wireless will displace wired for a lot of people. ..."

Warai-otoko: "Phoning the Czar. Posted by: BackwardsBoy at Dece ..."

@JRandomMoron[/i]: "[i]You weren't here the day the Ace of Spades HQ b ..."

Snuffy Smith's lookin' fer Bob: "It doesnt help that the main theme is Obama=BAD. . ..."

freaked: "Wireless will displace wired for a lot of people. ..."

Recent Entries
Search


MuNuvians
Polls! Polls! Polls!
Frequently Asked Questions
The (Almost) Complete Paul Anka Integrity Kick
Top Top Tens
Greatest Hitjobs

The Ace of Spades HQ Sex-for-Money Skankathon
A D&D Guide to the Democratic Candidates
Margaret Cho: Just Not Funny
More Margaret Cho Abuse
Margaret Cho: Still Not Funny
Iraqi Prisoner Claims He Was Raped... By Woman
Wonkette Announces "Morning Zoo" Format
John Kerry's "Plan" Causes Surrender of Moqtada al-Sadr's Militia
World Muslim Leaders Apologize for Nick Berg's Beheading
Michael Moore Goes on Lunchtime Manhattan Death-Spree
Milestone: Oliver Willis Posts 400th "Fake News Article" Referencing Britney Spears
Liberal Economists Rue a "New Decade of Greed"
Artificial Insouciance: Maureen Dowd's Word Processor Revolts Against Her Numbing Imbecility
Intelligence Officials Eye Blogs for Tips
They Done Found Us Out, Cletus: Intrepid Internet Detective Figures Out Our Master Plan
Shock: Josh Marshall Almost Mentions Sarin Discovery in Iraq
Leather-Clad Biker Freaks Terrorize Australian Town
When Clinton Was President, Torture Was Cool
What Wonkette Means When She Explains What Tina Brown Means
Wonkette's Stand-Up Act
Wankette HQ Gay-Rumors Du Jour
Here's What's Bugging Me: Goose and Slider
My Own Micah Wright Style Confession of Dishonesty
Outraged "Conservatives" React to the FMA
An On-Line Impression of Dennis Miller Having Sex with a Kodiak Bear
The Story the Rightwing Media Refuses to Report!
Our Lunch with David "Glengarry Glen Ross" Mamet
The House of Love: Paul Krugman
A Michael Moore Mystery (TM)
The Dowd-O-Matic!
Liberal Consistency and Other Myths
Kepler's Laws of Liberal Media Bias
John Kerry-- The Splunge! Candidate
"Divisive" Politics & "Attacks on Patriotism" (very long)
The Donkey ("The Raven" parody)
News/Chat
Archives
Powered by
Movable Type 2.64