Stuxnet: A Way to Nuke Iran without Using a Bomb?

Last week, Russian Ambassador to NATO, Dmitry Rogozin, told the organization that the computer worm Israel and the US devised to ruin Iran’s nuclear program could have led to a catastrophe with the Bushehr nuclear plant like Chernobyl.

Russia said on Wednesday that NATO should investigate last year’s computer virus attack on a Russian-built nuclear reactor in Iran, saying the incident could have triggered a nuclear disaster on the scale of Chernobyl.

[snip]

“This virus, which is very toxic, very dangerous, could have very serious implications,” he said, describing the virus’s impact as being like explosive mines.

“These ‘mines’ could lead to a new Chernobyl,” he said, referring to the 1986 nuclear accident at a plant in Ukraine, then part of the Soviet Union. “NATO should get to investigating the matter… This is not a private topic.”

At first, it seemed like the risk for such a disaster had passed. But the AP has gotten a foreign intelligence report stating that the risk of such a catastrophe remains.

… such conclusions were premature and based on the “casual assessment” of Russian and Iran scientists at Bushehr.

With control systems disabled by the virus, the reactor would have the force of a “small nuclear bomb,” it says.

Which would be rather “neat,” don’t you think? If the US and Israel were to collaborate to pioneer cyberwarfare to effective set off an explosion equivalent to that of a nuclear bomb, all without having to drop the bomb themselves? (The Bushehr reactor is apparently just 12 KM outside of the city of Bushehr, Iran’s chief seaport.)

Richard Clarke provides an explanation (assuming this was not an intentional potential side effect of the US-Israeli plot) for why Stuxnet may still be a risk, in Iran and elsewhere.

Second, the cyber agent Stuxnet was captured and successfully interrogated. That was not supposed to happen. The attack program had built in to it all sorts of collateral damage controls, including instructions to kill itself after a date certain in 2009. Those controls, most unusual in the world of hackers but common in certain countries covert action programs, failed apparently because the weapon’s designers took the collateral damage controls less seriously than they did the ingenious attack. For a hacker, attacking is always more interesting than pleasing the lawyers. Thus, after laying low the Iranian nuclear enrichment centrifuges at Natanz, the worm made its way from that plant’s supposedly isolated, internal computer network to freedom in cyberspace. Thousands of other computers in Iran were infected, as were many in countries such as Pakistan, India, Indonesia, and even a few in the United States.

[snip]

The problem lies in the fact that the worm ran freely through cyberspace and lots of people caught a copy. One can be sure that highly skilled hackers in several countries are even now taking it apart, modifying it, and getting it ready to destroy some other target. They are benefiting from free access to the most sophisticated computer attack weapon ever created. That would not be such a problem except for the fact that the thousands of computer networks that run our economy are essentially defenseless against sophisticated computer attacks.

That is, the Israeli and American hackers behind this cyberattack were no more competent than (or perhaps, just as incompetent as) the spooks that gave Iran nuclear blueprints 11 years ago.

And meanwhile, DOD won’t tell Congress about its cyberwar operations, presumably up to and including Stuxnet.

I guess maybe they’re just crossing their finger and hoping none of the easily predicted unintended consequences would come to pass?

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

0 Responses to Stuxnet: A Way to Nuke Iran without Using a Bomb?

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
Emptywheel Twitterverse
JimWhiteGNV Tweet deck come back! Please!
57mreplyretweetfavorite
emptywheel Last link from here: http://t.co/OcumtSRZvF Pillar also notes that climate is a DIRECT threat, not just threat multiplier.
1hreplyretweetfavorite
emptywheel Paul Pillar bemoans "continued prominence of US pol figures whose views on climate sound more in tune w/days when Earth thought to be flat"
1hreplyretweetfavorite
JimWhiteGNV Why does my cat get angry with me when I sneeze?
1hreplyretweetfavorite
bmaz For NSA CTO Patrick Dowd and Keith Alexander, craven opportunism is not so much a revolving door as an umbilical cord http://t.co/SgAG2hJINZ
1hreplyretweetfavorite
emptywheel @Thomas_Drake1 And a teeny bit of thought abt why the govt might use defeat lists. @KenDilanianAP
1hreplyretweetfavorite
emptywheel @Thomas_Drake1 But yes, most of it is redacted. It just takes a bit of knowledge of CT cases to compare. @KenDilanianAP
1hreplyretweetfavorite
emptywheel @Thomas_Drake1 This wasn't exactly censored (which is how I know abt it). Even showed up in testimony! @KenDilanianAP
1hreplyretweetfavorite
emptywheel RT @NACDL: Investigation: "Confidential informants are an integral but problematic part of federal law enforcement" - @richelord http://t.c…
1hreplyretweetfavorite
emptywheel @onekade Just you. Also don't mind that O is reversing his stance abt coercive interrogations.
1hreplyretweetfavorite
emptywheel @granick Unless of course the "n" was "corrupt banksters." That'd be like shooting fish in haystack. But not interested there. @mattblaze
2hreplyretweetfavorite
emptywheel @granick That the "n" they're targeting is too small for algos to actually find the dots out of the haystack? @mattblaze
2hreplyretweetfavorite
January 2011
S M T W T F S
« Dec   Feb »
 1
2345678
9101112131415
16171819202122
23242526272829
3031