President Barack Obama has been fighting a clandestine cyberwar against foreign governments and al-Qaeda, and his efforts in that arena have far exceeded those of his predecessors, according to a new report.
The New York Times today published a wide-ranging report, adapted from an upcoming book, "Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power," by Times reporter David Sanger, on the Obama administration's use of cyberwarfare to take on Iran and potentially other countries or entities it views as a threat. Chief among the administration's targets was Iran's nuclear plants, including the Natanz facility targeted by Stuxnet.
According to the Times, the book cites several unidentified security officials who claim that the Obama administration didn't initiate plans to attack Iran's nuclear facilities -- the Bush Administration did -- but it did accelerate the initiative, known as Olympic Games. And the result of those efforts was none other than Stuxnet.
Stuxnet was first discovered in 2010 after it was found to be attacking the Natanz nuclear plant in Iran. Soon after, security researchers found that it was highly sophisticated and designed to attack computers running Siemens software used in industrial control systems. Several countries, including European Union allies of the U.S., expressed extreme concern over the malware. The U.S., however, was relatively tight-lipped on the outbreak.
"The question is where the heck is the Department of Homeland Security?" Joe Weiss, a critical infrastructure security expert, said in an interview with CNET in 2010. "There is no real guidance being given. There is nothing going out to the utilities or other end users talking about the actual compromise of the controller itself."
According to the Times, the seeming disinterest on the part of the U.S. might have been due to the fact that it created the malware. But behind closed doors, according to the Sanger's sources, Obama was wondering if the country should shut down Stuxnet after it had been discovered due to a "programming error." According to the sources, he was told by his officials to press on, and just a few weeks after it was detected, a new version of the worm took down nearly 1,000 of Iran's centrifuges.
But the U.S. didn't act alone. According to the Times, a special Israel unit collaborated with the U.S. on its attacks on Iran. For the U.S., according to Sanger's sources, working with Israel made sense. For one, Israel has intimate knowledge of Iran, a country it has long viewed as a major threat. The collaboration also helped the U.S. hold off any of Israel's plans to launch a preemptive strike against the nuclear facilities, according to the Times.
If the U.S. and Israel were actually behind Stuxnet and its attacks on Iran, it would confirm rampant speculation dating back to 2010. Soon after news of the attack went public, several security researchers and observers charged the U.S. and Israel with planting the malware -- which was initially delivered through a USB thumb drive -- and taking aim at Iran. Neither country admitted to that, and continue to stay tight-lipped on the matter.
A similar scenario has played out in the wake of the discovery of another worm, Flame. That payload, which was discovered earlier this week, has reportedly been in operation since 2010. Unlike Stuxnet, which was designed to take down physical sites, Flame steals information about targeted systems and stored files, as well as information on the computer display and audio conversations. Iran was the central target for the virus, but it also impacted machines in the West Bank, Syria, other Middle East countries, and Sudan.
Kaspersky Lab, which was first to discover the virus, has said that it believes the malware is "state-sponsored," and fingers have once again been pointed at the U.S. and Israel. Just yesterday, an Israel spokesperson for the country's vice prime minister, Moshe Ya'alon, denied any involvement in the attack. That followed a claim made by an unidentified U.S. official, telling MSNBC that "it was U.S." behind the attack -- a charge the government has not confirmed.
Still, those charges, along with Sanger's recent revelations, seem to confirm that the U.S. is heavily engaged in cyberattacks. Last year, the Chinese government took aim at the U.S. for allegedly attacking its networks, saying that "the U.S. military is hastening to seize the commanding military heights on the Internet."
That followed a claim made by former U.S. national security official Richard Clarke, who wrote in an op-ed piece last year that the U.S. is engaging in a policy known as "active defense," a term that he says the Pentagon uses to mean "offense" in its "daily guerrilla cyberwar."
Looking ahead, Sanger expects more cyber-based activity on the part of the U.S. In fact, one of his sources, a former U.S. intelligence official, told him that the country has "considered a lot more attacks," though many of those have not been initiated.
This story has been updated throughout the morning.