StuxNet: Covert Op-Exposing Code In, Covert Op-Exposing Code Out

In this interview between David Sanger and Jake Tapper, Sanger makes a striking claim: that he doesn’t know who leaked StuxNet.

I’ll tell you a deep secret. Who leaked the fact? Whoever it was who programmed this thing and made a mistake in it in 2010 so that the bug made it out of the Natanz nuclear plant, got replicated around the world so the entire world could go see this code and figure out that there was some kind of cyberattack underway. I have no idea who that person was. It wasn’t a person, it wasn’t a person, it was a technological error.

At one level, Sanger is just making the point I made here: the age of cyberwar may erode even very disciplined Administration attempts to cloak their covert operations in secrecy. Once StuxNet got out, it didn’t take Administration (or Israeli) sources leaking to expose the program.

But I’m amused that Sanger claims he doesn’t know who leaked the information because he doesn’t know who committed the “technological error” that allowed the code to escape Natanz. I find it particularly amusing given that Dianne Feinstein recently suggested Sanger misled her about what he would publish (while not denying she might call for jailing journalists who report such secrets).

What you have are very sophisticated journalists. David Sanger is one of the best. I spoke–he came into my office, he saw me, we’ve worked together at the Aspen Strategy Institute. He assured me that what he was publishing he had worked out with various agencies and he didn’t believe that anything was revealed that wasn’t known already. Well, I read the NY Times article and my heart dropped because he wove a tapestry which has an impact that’s beyond any single one thing. And he’s very good at what he does and he spent a year figuring it all out.

Sanger claims, now that DiFi attacked him, he doesn’t know who made this “technological error.”

But that’s not what he said in his article, as I noted here. His article clearly reported two sources–one of them a quote from Joe Biden–blaming the Israelis.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

And even though Sanger calls this code an “error,” the quotations he includes show that the President’s briefer and Joe Biden believe it was not an error at all.

In this post, I suggested that the Israelis coded StuxNet to escape, without telling the Americans, so as to undermine American attempts to occupy them with cyberwar to prevent hot war. That is, the implication of Sanger’s article (which he now seems to be trying to retract) is that the Israelis deliberately exposed our cyberwar attack so as to make it more likely they could start a war with Iran.

But there is a far more ominous possibility. The Russians, based on analysis they did at Iran’s Bushehr nuclear plant, have claimed StuxNet might have–and still might–cause Bushehr to explode, effectively setting off a nuclear bomb using code.

Is DiFi so angry at Sanger because he ham-handedly revealed that the Israelis deliberately turned StuxNet into a potential WMD?

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

87 Responses to StuxNet: Covert Op-Exposing Code In, Covert Op-Exposing Code Out

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
Emptywheel Twitterverse
bmaz @MasaccioEW No, probably 70% of the actual activities, lodging and tourist dollars are nowhere near Glendale.
6mreplyretweetfavorite
bmaz @armandodkos @rickhasen @ThePlumLineGS @CitizenCohn Let me amend that: I think it very much ought lose, hope it will, but who knows AMK+JGR?
28mreplyretweetfavorite
bmaz @armandodkos @rickhasen @ThePlumLineGS @CitizenCohn I disagree. I think it should+will lose, but not absurd argument.
31mreplyretweetfavorite
bmaz @rickhasen @ThePlumLineGS @CitizenCohn And not a lick of it will influence the Supreme beings.
32mreplyretweetfavorite
bmaz @rickhasen @ThePlumLineGS @CitizenCohn I agree. Both sides are flailing with impertinent args. as to legislative intent/history. It's silly.
33mreplyretweetfavorite
bmaz @armandodkos @rickhasen @ThePlumLineGS @CitizenCohn Of course they did, they were the plaintiffs. I'm sick of it from both sides at this pt
35mreplyretweetfavorite
bmaz @rickhasen @ThePlumLineGS @CitizenCohn That statement was requested of me, it is true, and now I have made it. Finis.
38mreplyretweetfavorite
bmaz Okay, let me be crystal clear: Both sides of King debate have engaged in disingen legs intent args @rickhasen @ThePlumLineGS @CitizenCohn
38mreplyretweetfavorite
emptywheel @dametzger It was 15 years ago, before Bush and Obama started going after innocuous contacts with the press. But yes, now it'd be suicide.
48mreplyretweetfavorite
emptywheel @dametzger Yes, but Risen had properly talked to and published on Sterling's EEO claim. That's all legal.
55mreplyretweetfavorite
emptywheel Me on Uprising talking about Sterling verdict. http://t.co/bV5zEj1ZuZ "Be careful of 4:11 of phone convos--you could go to prison 30 years"
56mreplyretweetfavorite
emptywheel Thanks to @saccadst for correcting me: the CSEC program is Levitation, but maybe should be called Leviathan.
1hreplyretweetfavorite
June 2012
S M T W T F S
« May   Jul »
 12
3456789
10111213141516
17181920212223
24252627282930