Stuxnet revealed: U.S. and Israel developed, lost control of Iran cyberwar campaign, NYT says

It’s been rumored for some time that the Stuxnet virus, which attacked Iran’s nuclear facilities in 2010 before escaping and wreaking havoc on the public Web, was a joint effort between the U.S. and Israel. But, aside from security firm reports, their connection was mostly speculation — until today.

A lengthy New York Times report this morning confirms that Stuxnet was indeed an American and Israeli project, and it also reveals some fascinating details about the first major cyberwar effort in the world.

According to the NYT, the cyberwar campaign, dubbed “Olympic Games,” began under President Bush in 2006 as a way to stall Iran’s nuclear ambitions. After virtually mapping Iran’s Natanz plant, the U.S. worked with an Israeli team to create an early variant of Stuxnet, which was programmed to target Siemens equipment and destroy centrifuges being used to purify uranium.

Given that the U.S. was in the middle of several ground efforts in the Middle East, it was tough to rally international support for a physical strike against Iran as well. A cyber-strike made more sense at the time, and it seems President Obama agreed, as he accelerated the cyberwar effort during his first few years in the White House.

“From his first days in office, he was deep into every step in slowing the Iranian program — the diplomacy, the sanctions, every major decision,” a senior administration official told the NYT. “And it’s safe to say that whatever other activity might have been under way was no exception to that rule.”

All was going well until an updated version of the virus made its way out of the Natanz plant. The new version of the virus had an error in its code that allowed it to spread to an Iranian engineer’s laptop, and it spread to the Internet when he left the plant.  White House officials blamed Israel for the mistake, according to the NYT.

Once the virus began replicating itself on the Web and attacking Siemens equipment worldwide, security companies ended up calling it Stuxnet.

Flame, the most recent virus targeting computers in the Middle East, wasn’t a part of Olympic Games, American officials told the NYT. They didn’t comment on whether the U.S. was behind Flame.

There are plenty of advantages to cyberwarfare: it involves practically no human casualties and lengthy ground campaigns, to name just a few. But it’s not a panacea, as relying too much on cyberwar efforts will inevitably make the U.S. a bigger target for cyber-strikes. That’s something that President Obama kept in mind as he accelerated the Olympic Games effort, the NYT reports.

Photo via President.ir