It was not supposed to go public. In fact, it should have disappeared without a trace. Facing the development of Iran’s nuclear program, the US Secret Services, NSA, CIA in collaboration with its armed forces, the British Government Communications Headquarters (GCHQ) and Israel’s Mossad engineered a new kind of cyber weapon. This malicious virus was programmed to specifically attack the fast-spinning centrifuges in Iran’s nuclear enrichment plants, without revealing its origin. The program was effective, but only managed to slow down Iran’s production for a short while. Then everything went catastrophically wrong. A Pandora’s box of colossal damage was unleashed, threatening the entire planet.
During the first sequences of his film, Gibney spends a lot of time portraying the fascination expressed by highly experienced specialists from different factions and backgrounds regarding this new and highly complex weapons system. Code named Olympic Games by its developers. While traditional viruses can normally be detected and decrypted in a matter of hours, it took foreign secret services and information scientists months to assess Stuxnet’s impact. When the uncontrollable outbreak of the Games became apparent, no state or organisation took responsibility. No comments were made or risks confirmed. The case got classified, the subject taboo. But, even inside the NSA there were some who, conscious of the worldwide threat, broke the silence. Under the protection of guaranteed anonymity, they began to share information with the public. Gibney’s film is based on their statements.
But, in order to fully understand the consequences, let us take a step back. During the Shah’s regime, it was the United States that brought the first atomic reactor to Iran and encouraged it to go forward with its own nuclear production, including nuclear weapons. At that time, Iran was considered a good strategic partner for America’s interests in the Middle East. However, the Islamic revolution quickly severed these political ties. Now the State of Israel, which was never recognised by Iran, felt threatened by its growing nuclear production. In 1981, in a risky manoeuvre, Israel’s military force destroyed Iran’s only plutonium enriching reactor. The political backlash was an enforced alliance of the Arab world against Israel. Following the US’ defeats in Afghanistan and Iraq, Iran no longer felt threatened by a potential invasion and returned to its nuclear program. Even Bush could not risk a direct attack on Iran’s growing nuclear plants. Instead, in 2010, a plot to assassinate Iranian nuclear scientists was put into action. What was needed now was a new kind of weapon, onewhich did which did not leave a trace.
Consequently, the NSA in collaboration with Israel’s 8200 Headquarters developed, in total secrecy, the Stuxnet cyber weapon. This malicious computer worm targeted the programmable logic controllers (PLCs) in Iran’s industrial computer systems. Introduced to the target environment online, without the prior necessity of a download, it remained dormant for one month, collecting data on normal operations systems values. Once Stuxnet was activated, this data was replayed and fed back to the systems users, duping controllers into not noticing strange activity whilst causing the fast-spinning centrifuges to explode before their very eyes. The attack was considered a great success until the nervous Israelis went rogue.
Without explicitly stating so, it is clear that these powers of espionage greatly concern the industrial and political decision makers worldwide.
In 2010, in a reckless attempt to pressurise the United States to take more extreme measures against Iran, Israel broke Stuxnet’s security code and released it worldwide. From that moment on, industrial computers everywhere were at risk of potentially shutting down large production complexes or even activating striking programmes. For these reasons, NSA employees, even those who considered that Snowden had gone too far, decided to incite a public debate, perhaps their only chance of avoiding a global catastrophe. The brilliance behind the Olympic Games is that it works without a source code. Once launched, it acts independently and cannot be recalled. It is not connected to any centre and can get reactivated for new attacks on different Zero Days (dates of initiation). Furthermore, Stuxnet is no longer dependent on the internet to access its targets. It finds its way through other networks, rendering protection almost futile.
Login or signup to read the rest..If you do not have subscription, you can just login or register, and choose free guest or subscription to read all articles.