Daniel W. Drezner

Looks like that top secret espionage program against Iran isn’t so secret anymore

A little more than a month ago I wrote the following:

The sanctions and the lack of technical competence are probably helping [slow down Iran’s nuclear program], but if I had to guess, I’d wager that the covert attempts at sabotage are yielding the most promising results.  The thing is, no administration can publicly say, "hey, everyone should relax about Iran’s nuclear program, cause we’ve got covert operatives crawling all around Natanz, Bushehr, and Qom."…. 

Now, I don’t know this to be true — it’s possible that covert action has yielded little in the way of results.  Still, this might be a situation in which no news on Iran is actually good news.

I still don’t know this to be true, but after reading this Financial Times story by Joseph Menn and Mary Watkins, my confidence in this assertion is rising: 

A piece of highly sophisticated malicious software that has infected an unknown number of power plants, pipelines and factories over the past year is the first program designed to cause serious damage in the physical world, security experts are warning.

The Stuxnet computer worm spreads through previously unknown holes in Microsoft’s Windows operating system and then looks for a type of software made by Siemens and used to control industrial components, including valves and brakes….

At a closed-door conference this week in Maryland, Ralph Langner, a German industrial controls safety expert, said Stuxnet might be targeting not a sector but perhaps only one plant, and he speculated that it could be a controversial nuclear facility in Iran.

According to Symantec, which has been investigating the virus and plans to publish details of the rogue commands on Wednesday, Iran has had far more infections than any other country.

“It is not speculation that this is the first directed cyber weapon”, or one aimed at a specific real-world process, said Joe Weiss, a US expert who has testified to Congress on technological security threats to the electric grid and other physical operations. “The only speculation is what it is being used against, and by whom.”

Experts say Stuxnet’s knowledge of Microsoft’s Windows operating system, the Siemens program and the associated hardware of the target industry make it the work of a well-financed, highly organised team.

They suggest that it is most likely associated with a national government and that terrorism, ideological motivation or even extortion cannot be ruled out.

Stuxnet began spreading more than a year ago but research has been slow because of the complexity of the software and the difficulty in getting the right industry officials talking to the right security experts.

Unless there’s an Iranian John McClane running around Iran, this looks like something that could help retard Iran’s nuclear program. 

Now, I’m very uncomfortable with a lot of the rhetoric surrounding the notion of "cyberwarfare." It needlessly equates actions in cyberspace with real-world warfare, when I’m not at all sure that either the logic of consequences or the logic of appropriateness is the same in both spheres.

That said, I do wonder about the long-term effects of this kind of cyberattack. The very way the FT is reporting this story suggests that some kind of line has been crossed. Not to mention the fact that the news coverage itself suggests that this gambit has run its course. 

Developing… in ways that I cannot begin to fathom.