The New York Times reported rather conclusively on Saturday that the super-advanced computer virus that has at least partially crippled Iran’s nuclear program was developed and tested by Israel, with American involvement.
Known as Stuxnet, the virus was first identified “in the wild” about two years ago. About one year ago, it infected the computers that control the uranium enrichment plant at Natanz in central Iran. By all accounts, Stuxnet has to date managed to knock out 984 centrifuges and has, according to Israeli officials, set back Iran’s nuclear program by a good three-to-four years.
According to the report, the idea for the virus was birthed after Israel requested bombs and a green light from the US to launch a military assault on Iran’s nuclear facilities. Told that such an assault would not end Iran’s nuclear program, but merely set it back by several years, former US President George W. Bush said no.
So, work began on another way to achieve the same goal without sparking a Middle East war.
One of the keys to the plan were the computer controllers made by the German technology firm Siemens, which US intelligence had learned were being used at the Natanz plant. American engineers spent time analyzing the potential security holes in the Siemens machines.
But there was a hiccup.
Iran is apparently using centrifuges modeled on the now-archaic designs of Pakistani scientist A. Q. Khan. America had gotten its hands on a large stockpile of these centrifuges when Libya dismantled its nuclear program in 2003, but US and British engineers failed to get the things to operate in a stable manner.
That’s where Israel comes in. At the nuclear base in the southern Israel town of Dimona, engineers did manage, reportedly after much trial and error, to get the outdated centrifuges to run stably and were able to test the meticulously-crafted computer worm on them.
Computer security experts who have since deconstructed Stuxnet say it is a work of art, and by far the most advanced computer virus ever created.
Stuxnet has infected countless industrial computers around the world, but was very carefully coded to only attack a very specific kind of system performing a very specific kind of task.
Basically, the way Stuxnet works is that is causes the centrifuges to spin so fast that they begin to wobble and tear themselves apart. But that’s not enough, as the computer controllers that run the centrifuges are programmed to shut down at the first sign of trouble. So, Stuxnet was also programmed to fool the computer controllers by sending signals indicated that all was well with the centrifuges, when in reality they were self-destructing.
And Stuxnet might not be done. One expert who examined the code said the virus has the ability to hibernate and self-replicate, hiding itself deep inside a computer system undetected only to reemerge and again cause havoc at a later date.
Both Israel and the US continue to assert they have no connection to Stuxnet, though it is now widely believed that the Israeli army’s vaunted Unit 8200, the equivalent of American’s National Security Agency, was the originator.