President Barack Obama’s administration has taken direct responsibility for a rapid acceleration in cyber-attacks against Iran‘s nuclear programme.
According to anonymous senior administration sources quoted in the New York Times, Obama decided to speed up a programme first launched by his predecessor, George W Bush, codenamed Olympic Games, whose aim was to use computer viruses to attack Iran’s nuclear enrichment programme.
The decision to reveal Obama’s role in the cyberwar against Iran follows hard on the heels of the highly political disclosure in an election year that the president had taken a personal role in approving terrorist targets for US drone strikes.
And the depiction of his key involvement in two major clandestine military operations follows photographs last year showing him, as commander-in-chief, awaiting news of the death of Osama bin Laden.
The revelations on Iran appear designed to neutralise Republican accusations that he has been weak over the issue of Iran’s nuclear programme.
According to the New York Times, Obama took the decision to accelerate the pace of computer sabotage against Tehran in 2010 even after details about one of the cyberweapons developed to attack Iran, the so-called Stuxnet worm, accidentally leaked on to the internet because of a programming error.
That worm had been designed to target Iran’s Natanz plant.
At a meeting in the White House situation room within days of the worm’s “escape”, Obama asked his advisers, including Leon Panetta, the head of the CIA, whether the effort should be wound up because it had been compromised.
According to sources in the room at the time, Obama asked: “Should we shut this thing down?” before deciding instead to push ahead with the attacks. The Natanz plant was hit twice more by versions of the worm, which damaged up to 1,000 high-speed centrifuges then enriching uranium.
The revelation of Obama’s involvement in ordering cyber-attacks on Iran in a joint programme also involving Israel, follows the disclosure earlier this week that Iran had recently been hit by a massive new virus named Flame, 20 to 40 times larger than Stuxnet, found infecting PCs in Iran.
According to Symantec – a Russian-based computer security firm that has studied both Stuxnet and Flame – the first Stuxnet attack on Iran took place around June 2009, but its existence did not emerge until almost a year later, appearing to fit precisely the timeline proposed by the New York Times’ sources.
Indeed, some experts have said there are sufficient similarities between the two worms to suggest they have the same source.
The timing of the disclosure to David E Sanger, who boasts of access to Obama and his closest officials, is significant in a presidential election year.
In recent weeks, Republican candidate Mitt Romney has tried to portray the Obama administration as weak and muddled on foreign policy, most recently over the crisis in Syria.
The recent highly sympathetic media disclosures appear to have been carefully calculated to counter this suggestion.
The programme was first launched in 2006 under President Bush, who had been advised that a cyberweapon might be more effective than sabotage – the CIA had introduced faulty materials into Iran’s nuclear procurement networks.
The goal then was to secretly access Natanz’s industrial computer controls, which had been designed by the German company Siemens, to acquire a detailed blueprint of how it worked.
That achieved, a joint US-Israeli operation set about building a worm to attack the plant’s computer systems and make its centrifuges run out of control.
As was suggested at the time, Stuxnet appears to have been introduced into the Iranian plant with contaminated thumb drives.
“That was our holy grail,” one of the architects of the plan said, referring to how the plant was physically accessed. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.”
American sources quoted also blame Israel for the eventual discovery of the worm, which had been intended to remain secret, after the US’s Israeli partners had modified Stuxnet and made a programming error that caused it to escape and replicate in cyberspace.
The disclosures also throw fresh light on the rapid development of US cyberwarfare capability and reveal its willingness to use cyberweapons offensively to achieve policies.
[Computer hacker via gualtiero boffi / Shutterstock]