Report: Obama Ordered Stuxnet Assault

First Time U.S. Repeatedly Used Code to Cripple Infrastructure
Report: Obama Ordered Stuxnet Assault

President Obama, since the early months of his presidency, ordered increasingly sophisticated cyberattacks on Iranian computer systems to cripple nuclear enrichment centrifuges as part of a major expansion of America's first persistent use of cyberweapons, according to a report in The New York Times.

See Also: How Tri-Counties Regional Center Secures Sensitive Files and Maintains HIPAA Compliance

Code-named Olympic Games and begun during the Bush administration, Obama decided to hasten the attacks even after part of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet, according to the article, which was adapted from the soon-to-be published book, Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power, by Times reporter David Sanger.

Computer experts studying the worm named it Stuxnet, which Sanger reports was developed by the United States and Israel.

Though the United States government has acknowledged developing cyberweapons, it never admitted employing them. Still, the report says, Stuxnet appears be the first time the United States has repeatedly used cyberweapons to cripple another country's infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives.

Sanger spent 18 months interviewing current and former American, European and Israeli officials involved in the program, none of whom was identified by name because the project remains highly classified.

Forensic computer experts examining Stuxnet couldn't definitely identify the U.S. and Israel as the malware's authors, though the two nation's have long been suspected as the originators of the malicious code.

A new, recently discovered cyberweapon called Flame has attacked computers in Iran and elsewhere in the Middle East, but officials told Sanger Flame isn't part of Olympic Games, but declined to say whether the U.S. was behind the Flame attacks [see Israel Seen Fanning Flame of New Spyware].

Fears of a Cyberarms Race

"Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade," the report says. "He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons - even under the most careful and limited circumstances - could enable other countries, terrorists or hackers to justify their own attacks. ... Yet. Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice."

Obama told aides there would be no time for sanctions and diplomacy with Iran to work if Olympics Games failed, resulting in a possible conventional military assault by Israel against Iranian nuclear facilities that could prompt a conflict throughout the region.


About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 28 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from the North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global Summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.