Showing posts with label Stuxnet ‘worm’ attack.
Monday, March 5, 2012
Friday, November 18, 2011
Monday, June 20, 2011
Monday, January 17, 2011
Israel has already attacked Iran
It is gradually becoming clear that Israeli intelligence, in cooperation with its American counterparts, has made a military strike on Iran's nuclear facilities redundant.
Israel will not attack Iran. At least not in the next few years. It will not attack, first and foremost, because the United States opposes such a move. Israel has never taken any independent step on a strategic issue of global importance without first coordinating or consulting with its allies, or at least without reaching the conclusion that the move would be received favorably in Washington. Israel will not attack Iran because its leadership is divided over the issue, and most decision makers at the operational and political levels, including Foreign Minister Avigdor Lieberman, are concerned that adventurism could be disastrous.
Israel will not strike because this would mean that Iran, Hezbollah and, not unlikely, also Hamas (the chances of Syria joining in are minor) will respond with massive missile barrages targeting population centers and strategic sites - including the Dimona reactor, power plants, military bases and airports.
There is also another reason, which is gradually becoming clearer and bolsters the assessment that an Israeli strike against Iran's nuclear installations and support systems (aerial defense, communications, command and control) is not expected in the coming years. Such a strike would be redundant. According to foreign reports, Israeli intelligence, in cooperation with its American counterparts, has made such a strike redundant.
For a few months now, experts around the world have been trying to understand why Iran's nuclear program has been delayed, delays which have primarily manifested themselves in the partial shutdown of centrifuges at the Natanz facility. Until about 18 months ago, Iran had some 10,000 active centrifuges there. Now, according to the reports of the International Atomic Energy Agency inspectors, only 4,000 of them are operational.
P-1 model centrifuges are old and tend to become damaged; their operation requires staff with excellent technical skills. Even American experts who tried to master the P-1, according to The New York Times, ran into difficulties, in part because of its relatively primitive design.
However, according to the Times report yesterday, the ones who did succeed in getting the centrifuges to work were teams of experts from the Israel Atomic Energy Commission and Israeli intelligence. They had set up a model of the Natanz installation at the Dimona plant and learned how the centrifuges worked. This enabled hi-tech experts from Israeli intelligence to put together a sophisticated program known as the Stuxnet Worm, which was then inserted into the control and operation systems of the Natanz facility. The program entered the computer networks, took over the systems operating the machinery (manufactured by the German firm Siemens), and caused serious damage to the centrifuges. According to the report, as many as a fifth of the centrifuges have become inoperable as a result.
There are disagreements over the extent of the damage inflicted on Tehran's nuclear program by the worm and other sabotage efforts which have been attributed to Western, including Israeli, intelligence services - such as the establishment of shell companies that sold flawed equipment to Iran. Meir Dagan, who recently stepped down from heading the Mossad, and who is considered to be primarily responsible for this sabotage work, can proudly announce that Iran's ability to develop nuclear weapons has now been pushed back and will not manifest itself before 2015.
However long the delay may be, it is clear that it has given Israel and the West some breathing room. Experts in the United States and Europe have assessed, on the basis of knowledge of the air force's capabilities, that even the most successful strike would have delayed the Iranian nuclear program no more than three years - and this does not even take into account the number of pilots who would not have come home from the mission. The intelligence operation that has been attributed to Israel achieved this delay without any casualties or complications.
Saturday, January 15, 2011
Israel Tests on Worm Called Crucial in Iran Nuclear Delay
The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where neat rows of factories make atomic fuel for the arsenal.
Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role — as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own.
Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.
“To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program.
In recent days, the retiring chief of Israel’s Mossad intelligence agency, Meir Dagan, and Secretary of State Hillary Rodham Clinton separately announced that they believed Iran’s efforts had been set back by several years. Mrs. Clinton cited American-led sanctions, which have hurt Iran’s ability to buy components and do business around the world.
The gruff Mr. Dagan, whose organization has been accused by Iran of being behind the deaths of several Iranian scientists, told the Israeli Knesset in recent days that Iran had run into technological difficulties that could delay a bomb until 2015. That represented a sharp reversal from Israel’s long-held argument that Iran was on the cusp of success.
The biggest single factor in putting time on the nuclear clock appears to be Stuxnet, the most sophisticated cyberweapon ever deployed.
In interviews over the past three months in the United States and Europe, experts who have picked apart the computer worm describe it as far more complex — and ingenious — than anything they had imagined when it began circulating around the world, unexplained, in mid-2009.
Many mysteries remain, chief among them, exactly who constructed a computer worm that appears to have several authors on several continents. But the digital trail is littered with intriguing bits of evidence.
In early 2008 the German company Siemens cooperated with one of the United States’ premier national laboratories, in Idaho, to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world — and that American intelligence agencies have identified as key equipment in Iran’s enrichment facilities.
Siemens says that program was part of routine efforts to secure its products against cyberattacks. Nonetheless, it gave the Idaho National Laboratory — which is part of the Energy Department, responsible for America’s nuclear arms — the chance to identify well-hidden holes in the Siemens systems that were exploited the next year by Stuxnet.
The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.
The attacks were not fully successful: Some parts of Iran’s operations ground to a halt, while others survived, according to the reports of international nuclear inspectors. Nor is it clear the attacks are over: Some experts who have examined the code believe it contains the seeds for yet more versions and assaults.
“It’s like a playbook,” said Ralph Langner, an independent computer security expert in Hamburg, Germany, who was among the first to decode Stuxnet. “Anyone who looks at it carefully can build something like it.” Mr. Langner is among the experts who expressed fear that the attack had legitimized a new form of industrial warfare, one to which the United States is also highly vulnerable.
Officially, neither American nor Israeli officials will even utter the name of the malicious computer program, much less describe any role in designing it.
But Israeli officials grin widely when asked about its effects. Mr. Obama’s chief strategist for combating weapons of mass destruction, Gary Samore, sidestepped a Stuxnet question at a recent conference about Iran, but added with a smile: “I’m glad to hear they are having troubles with their centrifuge machines, and the U.S. and its allies are doing everything we can to make it more complicated.”
In recent days, American officials who spoke on the condition of anonymity have said in interviews that they believe Iran’s setbacks have been underreported. That may explain why Mrs. Clinton provided her public assessment while traveling in the Middle East last week.
By the accounts of a number of computer scientists, nuclear enrichment experts and former officials, the covert race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British.
The project’s political origins can be found in the last months of the Bush administration. In January 2009, The New York Times reported that Mr. Bush authorized a covert program to undermine the electrical and computer systems around Natanz, Iran’s major enrichment center. President Obama, first briefed on the program even before taking office, sped it up, according to officials familiar with the administration’s Iran strategy. So did the Israelis, other officials said. Israel has long been seeking a way to cripple Iran’s capability without triggering the opprobrium, or the war, that might follow an overt military strike of the kind they conducted against nuclear facilities in Iraq in 1981 and Syria in 2007.
Two years ago, when Israel still thought its only solution was a military one and approached Mr. Bush for the bunker-busting bombs and other equipment it believed it would need for an air attack, its officials told the White House that such a strike would set back Iran’s programs by roughly three years. Its request was turned down.
Now, Mr. Dagan’s statement suggests that Israel believes it has gained at least that much time, without mounting an attack. So does the Obama administration.
For years, Washington’s approach to Tehran’s program has been one of attempting “to put time on the clock,” a senior administration official said, even while refusing to discuss Stuxnet. “And now, we have a bit more.”
Finding Weaknesses
Paranoia helped, as it turns out.
Years before the worm hit Iran, Washington had become deeply worried about the vulnerability of the millions of computers that run everything in the United States from bank transactions to the power grid.
Computers known as controllers run all kinds of industrial machinery. By early 2008, the Department of Homeland Security had teamed up with the Idaho National Laboratory to study a widely used Siemens controller known as P.C.S.-7, for Process Control System 7. Its complex software, called Step 7, can run whole symphonies of industrial instruments, sensors and machines.
The vulnerability of the controller to cyberattack was an open secret. In July 2008, the Idaho lab and Siemens teamed up on a PowerPoint presentation on the controller’s vulnerabilities that was made to a conference in Chicago at Navy Pier, a top tourist attraction.
“Goal is for attacker to gain control,” the July paper said in describing the many kinds of maneuvers that could exploit system holes. The paper was 62 pages long, including pictures of the controllers as they were examined and tested in Idaho.
In a statement on Friday, the Idaho National Laboratory confirmed that it formed a partnership with Siemens but said it was one of many with manufacturers to identify cybervulnerabilities. It argued that the report did not detail specific flaws that attackers could exploit. But it also said it could not comment on the laboratory’s classified missions, leaving unanswered the question of whether it passed what it learned about the Siemens systems to other parts of the nation’s intelligence apparatus.
The presentation at the Chicago conference, which recently disappeared from a Siemens Web site, never discussed specific places where the machines were used.
But Washington knew. The controllers were critical to operations at Natanz, a sprawling enrichment site in the desert. “If you look for the weak links in the system,” said one former American official, “this one jumps out.”
Controllers, and the electrical regulators they run, became a focus of sanctions efforts. The trove of State Department cables made public by WikiLeaks describes urgent efforts in April 2009 to stop a shipment of Siemens controllers, contained in 111 boxes at the port of Dubai, in the United Arab Emirates. They were headed for Iran, one cable said, and were meant to control “uranium enrichment cascades” — the term for groups of spinning centrifuges.
Subsequent cables showed that the United Arab Emirates blocked the transfer of the Siemens computers across the Strait of Hormuz to Bandar Abbas, a major Iranian port.
Only months later, in June, Stuxnet began to pop up around the globe. The Symantec Corporation, a maker of computer security software and services based in Silicon Valley, snared it in a global malware collection system. The worm hit primarily inside Iran, Symantec reported, but also in time appeared in India, Indonesia and other countries.
But unlike most malware, it seemed to be doing little harm. It did not slow computer networks or wreak general havoc.
That deepened the mystery.
A ‘Dual Warhead’
No one was more intrigued than Mr. Langner, a former psychologist who runs a small computer security company in a suburb of Hamburg. Eager to design protective software for his clients, he had his five employees focus on picking apart the code and running it on the series of Siemens controllers neatly stacked in racks, their lights blinking.
He quickly discovered that the worm only kicked into gear when it detected the presence of a specific configuration of controllers, running a set of processes that appear to exist only in a centrifuge plant. “The attackers took great care to make sure that only their designated targets were hit,” he said. “It was a marksman’s job.”
For example, one small section of the code appears designed to send commands to 984 machines linked together.
Curiously, when international inspectors visited Natanz in late 2009, they found that the Iranians had taken out of service a total of exactly 984 machines that had been running the previous summer.
But as Mr. Langner kept peeling back the layers, he found more — what he calls the “dual warhead.” One part of the program is designed to lie dormant for long periods, then speed up the machines so that the spinning rotors in the centrifuges wobble and then destroy themselves. Another part, called a “man in the middle” in the computer world, sends out those false sensor signals to make the system believe everything is running smoothly. That prevents a safety system from kicking in, which would shut down the plant before it could self-destruct.
“Code analysis makes it clear that Stuxnet is not about sending a message or proving a concept,” Mr. Langner later wrote. “It is about destroying its targets with utmost determination in military style.”
This was not the work of hackers, he quickly concluded. It had to be the work of someone who knew his way around the specific quirks of the Siemens controllers and had an intimate understanding of exactly how the Iranians had designed their enrichment operations.
In fact, the Americans and the Israelis had a pretty good idea.
Testing the Worm
Perhaps the most secretive part of the Stuxnet story centers on how the theory of cyberdestruction was tested on enrichment machines to make sure the malicious software did its intended job.
The account starts in the Netherlands. In the 1970s, the Dutch designed a tall, thin machine for enriching uranium. As is well known, A. Q. Khan, a Pakistani metallurgist working for the Dutch, stole the design and in 1976 fled to Pakistan.
The resulting machine, known as the P-1, for Pakistan’s first-generation centrifuge, helped the country get the bomb. And when Dr. Khan later founded an atomic black market, he illegally sold P-1’s to Iran, Libya, and North Korea.
The P-1 is more than six feet tall. Inside, a rotor of aluminum spins uranium gas to blinding speeds, slowly concentrating the rare part of the uranium that can fuel reactors and bombs.
How and when Israel obtained this kind of first-generation centrifuge remains unclear, whether from Europe, or the Khan network, or by other means. But nuclear experts agree that Dimona came to hold row upon row of spinning centrifuges.
“They’ve long been an important part of the complex,” said Avner Cohen, author of “The Worst-Kept Secret” (2010), a book about the Israeli bomb program, and a senior fellow at the Monterey Institute of International Studies. He added that Israeli intelligence had asked retired senior Dimona personnel to help on the Iranian issue, and that some apparently came from the enrichment program.
“I have no specific knowledge,” Dr. Cohen said of Israel and the Stuxnet worm. “But I see a strong Israeli signature and think that the centrifuge knowledge was critical.”
Another clue involves the United States. It obtained a cache of P-1’s after Libya gave up its nuclear program in late 2003, and the machines were sent to the Oak Ridge National Laboratory in Tennessee, another arm of the Energy Department.
By early 2004, a variety of federal and private nuclear experts assembled by the Central Intelligence Agency were calling for the United States to build a secret plant where scientists could set up the P-1’s and study their vulnerabilities. “The notion of a test bed was really pushed,” a participant at the C.I.A. meeting recalled.
The resulting plant, nuclear experts said last week, may also have played a role in Stuxnet testing.
But the United States and its allies ran into the same problem the Iranians have grappled with: the P-1 is a balky, badly designed machine. When the Tennessee laboratory shipped some of its P-1’s to England, in hopes of working with the British on a program of general P-1 testing, they stumbled, according to nuclear experts.
“They failed hopelessly,” one recalled, saying that the machines proved too crude and temperamental to spin properly.
Dr. Cohen said his sources told him that Israel succeeded — with great difficulty — in mastering the centrifuge technology. And the American expert in nuclear intelligence, who spoke on the condition of anonymity, said the Israelis used machines of the P-1 style to test the effectiveness of Stuxnet.
The expert added that Israel worked in collaboration with the United States in targeting Iran, but that Washington was eager for “plausible deniability.”
In November, the Iranian president, Mahmoud Ahmadinejad, broke the country’s silence about the worm’s impact on its enrichment program, saying a cyberattack had caused “minor problems with some of our centrifuges.” Fortunately, he added, “our experts discovered it.”
The most detailed portrait of the damage comes from the Institute for Science and International Security, a private group in Washington. Last month, it issued a lengthy Stuxnet report that said Iran’s P-1 machines at Natanz suffered a series of failures in mid- to late 2009 that culminated in technicians taking 984 machines out of action.
The report called the failures “a major problem” and identified Stuxnet as the likely culprit.
Stuxnet is not the only blow to Iran. Sanctions have hurt its effort to build more advanced (and less temperamental) centrifuges. And last January, and again in November, two scientists who were believed to be central to the nuclear program were killed in Tehran.
The man widely believed to be responsible for much of Iran’s program, Mohsen Fakrizadeh, a college professor, has been hidden away by the Iranians, who know he is high on the target list.
Publicly, Israeli officials make no explicit ties between Stuxnet and Iran’s problems. But in recent weeks, they have given revised and surprisingly upbeat assessments of Tehran’s nuclear status.
“A number of technological challenges and difficulties” have beset Iran’s program, Moshe Yaalon, Israel’s minister of strategic affairs, told Israeli public radio late last month.
The troubles, he added, “have postponed the timetable.”
Friday, January 7, 2011
Stuxnet for Nobel Peace Prize
Three attacks on developing nuclear centers have occurred around the world, the most recent scant months ago. It is amazing that the year 2010 - pegged universally as crunch time for Iran's atomic ambitions - ended with such a whimper, not a bang. It was to be a year characterized ultimately by a crippling counterblow to Tehran's plans - with nary a peep from the media. No "top 10 stories of 2010" inclusions. Not even a WikiLeak.
On June 7, 1981, Israel Prime Minister Menachem Begin ordered his air force to destroy Saddam Hussein's Osirak nuclear site in Iraq. As the world twiddled its thumbs and tut-tutted, Israel took out this metastasizing growth. The United Nations Security Council, including America, condemned the attack 12 days later. As recently as a few months ago, calls for compensation to be paid by Israel to Iraq were still being voiced.
Just three years ago, the Syrian nuclear site at Deir Ez Zor, a shill for North Korea, was leveled. Both the International Atomic Energy Agency and CIA had concluded the site was heading toward military functionality. Eight "unidentified" aircraft carried out the mission, which included clandestine scouts on the ground. The bombers used Turkish airspace, tacitly approved as a result of Ankara's deep concerns over budding Syrian nuclearization. Brig. Gen. Mohammed Suleiman, Syrian President Bashar Assad's go-to-guy with North Korea and Iran, was subsequently - as if for good measure - fatally shot by an unnamed sniper while on vacation on Aug. 2, 2008.
Although then-Secretary of State Condoleezza Rice confirmed (a WikiLeak revelation) that Israel had rather unsurprisingly mounted the attack, no U.N. condemnations followed from an international body never shy to hurl hostile pronunciamentos in Jerusalem's direction. With supreme irony, the Syrians were too embarrassed to make much of a to-do, and Israel clearly preferred to keep it quiet.
Most amazing of all, the third attack was "silent but not subtle," as one analyst observed. Stuxnet. Even the name discourages casual conversation. Try saying it five times, fast. Perhaps the most sophisticated, complex worm virus ever designed (massively comprising 15,000 lines of code) invaded the rapidly developing computer control systems of Iran's atomic facilities. Analysts ascribed the capability to develop this level of malware to a small circle of candidates: the United States, Britain and Israel.
Washington's Institute for Science and International Security concluded that Stuxnet infected as many as 30,000 institutional computers involved in the project and outright broke 1,000 Iranian IR-1 centrifuges at the Natanz uranium-enrichment facility, prompting a rare understatement from President Mahmoud Ahmadinejad, citing technical problems as the cause for a temporary shutdown of the plant.
World security experts opined that Stuxnet was "amazing" and "groundbreaking," even a "prime example of clandestine digital warfare." Most concurred that basement hackers would not be likely sources of the malware, which required tremendous time, brainpower and government-level resources to create.
Whodunit? Curiously, even though many suspected Israel, global reactions were relatively muted. Some pointed to the Israel Defense Force's new (2009) Military Intelligence Unit 8200, concentrating dozens of Israel's brainy, most precocious geeks under one roof. President Obama also ordered the creation in the United States of a new military unit called Cyber Command, headed by Gen. Keith Alexander. No one is perfect, but the new American unit failed spectacularly to prevent the mass Wiki-pilferage that recently rocked the world.
Some point to two deeply imbedded Stuxnet file names, myrtus and guava, interpreted as a not-so-subtle allusion to the Bible's Esther story. Her Hebrew name was Myrtle, in the guava family, and of course, she saved her people, the Jews, from imminent annihilation in ancient Iran. Then again, it might have been a red herring.
If the malwarfare were not enough, an outright panic assault on Iran's atomic scientists was also an integral part of the campaign. As recently as Nov. 29, quantum physicist Majid Shahriari was eliminated in Tehran, and colleague Fereydoun Abbasi was seriously injured in another assassination attempt across town.
Outgoing Mossad chief: Iran won't have nuclear capability before 2015
Meir Dagan tells Knesset committee that Iran's nuclear program has been set back several years after a series of malfunctions.
Meir Dagan, who retired from his post as Mossad chief on Thursday after eight years, does not believe Iran will have nuclear capability before 2015.
In a summary given to the Knesset Foreign Affairs and Defense Committee, Dagan said Iran was a long way from being able to produce nuclear weapons, following a series of failures that had set its program back by several years.
Dagan handed over the job to his successor, Tamir Pardo, in the Prime Minister’s Bureau Thursday morning, after having parted from the ministers during last Sunday’s cabinet session.
The former Mossad chief had said on various occasions in the past that Israel should go to war only if attacked, or if in immediate danger of survival.
Dagan concluded his term saying Iran was still far from being capable of producing nuclear weapons and that a series of malfunctions had put off its nuclear goal for several years. Therefore, he said, Iran will not get hold of the bomb before 2015 approximately.
According to a Wikileaks report, Dagan told a senior American official that it would take a series of coordinated moves to stop the Iranian nuclear program. He reportedly suggested increasing the economic sanctions against Iran, preventing the export of products required for the nuclear project to Iran, covert warfare, and encouraging minority and opposition groups to topple the Iranian regime.
Dagan’s work with Pardo over the past several weeks included trips abroad to present his successor to counterparts around the world. Their trip to England did not reflect the crisis between London and Jerusalem over the Mossad’s alleged use of British passports in the assassination of Hamas official Mahmoud al-Mabhouh last year in Dubai.
President Shimon Peres, Prime Minister Benjamin Netanyahu, Defense Minister Ehud Barak and senior defense and security officials will soon attend a farewell event for Dagan as well. Such events have become customary since 1995, when the government decided to expose the identity of the heads of both the Mossad and the Shin Bet security service.
Reputation restored
During his term, Dagan restored the Mossad’s reputation as an omnipotent organization whose reach extends to the ends of the earth − a myth that has contributed to Israel’s deterrence. Under his command, the espionage agency also regained its dominant status in the Israeli intelligence community and became a central player in the international arena. This was demonstrated in the numerous tete-a-tetes Dagan held with former U.S. President George Bush and other state leaders in Europe and the Middle East.
Dagan’s term centered around two main issues: the Iranian nuclear program; and the assassinations of Hezbollah and Hamas leaders and Iranian scientists, most if not all of which have been attributed to the Mossad.
The Israeli intelligence community’s assessments of Iran’s nuclear capability have changed during Dagan’s tenure. In 2003, Israeli intelligence officials thought Iran would have its first bomb by 2007. In 2007, they thought it would be 2009, and a year later they put it at 2011. Now the date has moved to 2015. These adjustments were not the result of mistaken evaluations, but due to the difficulties Iran has encountered in advancing its program, largely because of the Mossad’s efforts.
Monday, January 3, 2011
LAZERBEAMS: The Mighty Worm, by Rabbi Lazer Brody
Until quite recently, I never understood the full implication of the prophet’s famous saying (Isaiah 41:14), “Do not fear, worm of Jacob; masses of Israel, it is I who has helped you, the word of God, your Redeemer.”
It’s amazing how Time, Newsweek, and CNN look at the news with no spiritual awareness whatsoever. The above quote should have been the banner headline of 2010, for it’s the secret that underlies this past year’s most earth-shaking events, especially Stuxnet and WikiLeaks, the two hottest names in the news.
“Worm of Jacob?” At first glance, Isaiah’s metaphor seems strange. Why compare Israel to a worm? Isaiah was one of our greatest prophets. He foresaw everything. Didn’t he see our modern IDF fighter squadrons? Didn’t he see our hi-tech capabilities? Didn’t he see the Mossad’s surgical-precision striking capabilities, our sophisticated unmanned planes and our nuclear reactors?
You can be assured that he did.
But the prophet Isaiah also saw how $50,000/piece Arrow missiles wouldn’t be able to stop $50/piece Kassam rockets put together in Gaza garages.
The Midrash (Tanchuma, Beshalach) explains why Israel is called “Worm of Jacob”: The worm is a soft invertebrate, yet it can destroy a mighty hardwood cedar. How? The worm attacks the cedar with its mouth. Just as the worm’s power is in its mouth, Israel’s power is also in its mouth, by way of its prayers.
King David was also a prophet. In Psalm 29, he says, “And Hashem shall break the cedars of Lebanon.” Rashi explains that the “cedars of Lebanon” are the nations hostile to Israel.
Most of us would probably nominate Achmedinejad’s Iran as the most hostile nation to Israel today, with its biweekly declarations of what they plan to do to us. Isaiah the Prophet had an answer for them too (Isaiah 8:10): “Their counsel shall be overturned for the Lord is with us.”
The mindboggling precision of Isaiah’s prophecies makes a micron look inaccurate. Achmedinejad and Iran are the Shiites who control Nasrulla and the Hizbulla, and the Hizbulla is the de facto ruler in Lebanon today. Achmedinejad and Iran therefore set the tone in Lebanon today. How interesting – Iran is in essence “the cedar of Lebanon”, contemporary Israel’s nemesis number-one.
An Israeli preemptive strike against Iran’s nuclear reactors is no longer a viable option; it would undoubtedly lead to a continental-scope confrontation and possibly a global war. Yet, Israel cannot remain idle and watch Achmedinejad and company put together nuclear warheads whose crosshairs home in on our beloved tiny homeland in Zion.
Achmedinejad with his weasel-like smile (would you buy a used car from this individual?) looks at us and says in chess terminology, “Checkmate!” Any move we make to an adjacent square is apparently catastrophic, either this year or a few short months away.
Ok, Iran – it’s not yet checkmate, but granted, Israel is in check. That is, until Hashem joins in the game…
Hashem tells us, “Do not fear, worm of Jacob…”
There’s a wonderful expression that I once learned from the Stoliner Rebbe’s beadle: Hashem doesn’t use a 1000 Watt bulb when 25 Watts will get the job done.
The Gemara (tractate Gittin 56b) tells about when Titus defiled the Holy of Holies in the most unspeakable way, then destroyed the Holy Temple altogether. He shook a fist to the sky and boasted, “I have defeated You!”
A voice came down from the heavens and declared, “You haven’t even defeated the smallest of creatures in My world.” Hashem then sent a mosquito, which entered Titus’s nostril and penetrated his brain. It pecked away at his brain like a woodpecker for seven excruciating torture-filled years before he finally died his miserable death.
2000 years ago, a mosquito did what Bar Cochba and his armies couldn’t do. This past year, a worm has done what the most daring of IDF missions couldn’t dream of accomplishing: it has penetrated the dark-side holy of holies, Iran’s nuclear program. It’s amazing that the little bit of code that’s known as the computer virus is also referred to as a worm.
Experts and amateurs alike have been conjecturing who was brilliant enough to develop the worm known as Stuxnet, which was also surgically precise enough to penetrate the computers that control Iran’s nuclear reactor. Ed Barnes wrote an article for Foxnews.com entitled “Mystery Surrounds Cyber Missile That Crippled Iran's Nuclear Weapons Ambitions”; this article makes James Bond and 007 look like a Savta Simcha story.
We humbly submit the obvious solution to the mystery of where the worm named Stuxnet comes from – Hashem, and no one else. Ein od milvado, there’s no one but Him.
The theme of “No one but Him” is the key to understanding all of the major events not only of this past year, but for all of history.
Who would think that another worm, a tiny little snippet of code that wiggled its way into the world’s most carefully guarded email servers would give Wikileaks access to everything that’s going on in the CIA, MI5, KGB, and even our Mossad?
Hashem has a mighty sense of humor; via Wikileaks and Stuxnet, Hashem has shown smug Silicon Valley and prodigious governments alike that there is no cyber security or any other security without Him. We here in the Land of Emuna should be the first to recognize that fact.
Our world-renowned Hi-Tech and IDF can’t give us what we need. Neither Elta, IAI, Intel nor Sayeret Matkal can bring the rains that we so terribly need. But our prayers can. If every Jewish man, woman, or child would speak to Hashem for a few minutes a day in personal prayer, we’d all be up to our ankles in puddles.
Our power comes from the prayers of our mouths. 24-inch Hulk-Hogan-size biceps look fine in a photo, but you won’t accomplish anything spiritually by banging on the table. The recent Carmel fire was a sinister reminder of our national futility without Hashem’s blessing.
Hashem has been showing us all through 2010 how our military and technical might don’t cut the mustard anymore. I don’t know how soon Moshiach will be here, but with the light of emuna in the world, biceps now take a back seat; those 24-inchers can’t beat their way out of a spiritual paper bag.
So what does Hashem want from us in 2011? He wants us to return to our traditional powers of prayer and emuna.
Be firm like a worm. And don’t be afraid. G-d bless for a Happy New Year 2011.
Monday, November 29, 2010
Mystery Surrounds Cyber Missile That Crippled Iran's Nuclear Weapons Ambitions
In the 20th century, this would have been a job for James Bond.
The mission: Infiltrate the highly advanced, securely guarded enemy headquarters where scientists in the clutches of an evil master are secretly building a weapon that can destroy the world. Then render that weapon harmless and escape undetected.
But in the 21st century, Bond doesn't get the call. Instead, the job is handled by a suave and very sophisticated secret computer worm, a jumble of code called Stuxnet, which in the last year has not only crippled Iran's nuclear program but has caused a major rethinking of computer security around the globe.
Intelligence agencies, computer security companies and the nuclear industry have been trying to analyze the worm since it was discovered in June by a Belarus-based company that was doing business in Iran. And what they've all found, says Sean McGurk, the Homeland Security Department's acting director of national cyber security and communications integration, is a “game changer.”
The construction of the worm was so advanced, it was “like the arrival of an F-35 into a World War I battlefield,” says Ralph Langner, the computer expert who was the first to sound the alarm about Stuxnet. Others have called it the first “weaponized” computer virus.
Simply put, Stuxnet is an incredibly advanced, undetectable computer worm that took years to construct and was designed to jump from computer to computer until it found the specific, protected control system that it aimed to destroy: Iran’s nuclear enrichment program.
The target was seemingly impenetrable; for security reasons, it lay several stories underground and was not connected to the World Wide Web. And that meant Stuxnet had to act as sort of a computer cruise missile: As it made its passage through a set of unconnected computers, it had to grow and adapt to security measures and other changes until it reached one that could bring it into the nuclear facility.
When it ultimately found its target, it would have to secretly manipulate it until it was so compromised it ceased normal functions.
And finally, after the job was done, the worm would have to destroy itself without leaving a trace.
That is what we are learning happened at Iran's nuclear facilities -- both at Natanz, which houses the centrifuge arrays used for processing uranium into nuclear fuel, and, to a lesser extent, at Bushehr, Iran's nuclear power plant.
At Natanz, for almost 17 months, Stuxnet quietly worked its way into the system and targeted a specific component -- the frequency converters made by the German equipment manufacturer Siemens that regulated the speed of the spinning centrifuges used to create nuclear fuel. The worm then took control of the speed at which the centrifuges spun, making them turn so fast in a quick burst that they would be damaged but not destroyed. And at the same time, the worm masked that change in speed from being discovered at the centrifuges' control panel.
At Bushehr, meanwhile, a second secret set of codes, which Langner called “digital warheads,” targeted the Russian-built power plant's massive steam turbine.
Here's how it worked, according to experts who have examined the worm:
--The nuclear facility in Iran runs an “air gap” security system, meaning it has no connections to the Web, making it secure from outside penetration. Stuxnet was designed and sent into the area around Iran's Natanz nuclear power plant -- just how may never be known -- to infect a number of computers on the assumption that someone working in the plant would take work home on a flash drive, acquire the worm and then bring it back to the plant.
--Once the worm was inside the plant, the next step was to get the computer system there to trust it and allow it into the system. That was accomplished because the worm contained a “digital certificate” stolen from JMicron, a large company in an industrial park in Taiwan. (When the worm was later discovered it quickly replaced the original digital certificate with another certificate, also stolen from another company, Realtek, a few doors down in the same industrial park in Taiwan.)
--Once allowed entry, the worm contained four “Zero Day” elements in its first target, the Windows 7 operating system that controlled the overall operation of the plant. Zero Day elements are rare and extremely valuable vulnerabilities in a computer system that can be exploited only once. Two of the vulnerabilities were known, but the other two had never been discovered. Experts say no hacker would waste Zero Days in that manner.
--After penetrating the Windows 7 operating system, the code then targeted the “frequency converters” that ran the centrifuges. To do that it used specifications from the manufacturers of the converters. One was Vacon, a Finnish company, and the other Fararo Paya, an Iranian company. What surprises experts at this step is that the Iranian company was so secret that not even the IAEA knew about it.
--The worm also knew that the complex control system that ran the centrifuges was built by Siemens, the German manufacturer, and -- remarkably -- how that system worked as well and how to mask its activities from it.
--Masking itself from the plant's security and other systems, the worm then ordered the centrifuges to rotate extremely fast, and then to slow down precipitously. This damaged the converter, the centrifuges and the bearings, and it corrupted the uranium in the tubes. It also left Iranian nuclear engineers wondering what was wrong, as computer checks showed no malfunctions in the operating system.
Estimates are that this went on for more than a year, leaving the Iranian program in chaos. And as it did, the worm grew and adapted throughout the system. As new worms entered the system, they would meet and adapt and become increasingly sophisticated.
During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. Efforts to find those servers since then have yielded no results.
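The steps above say the worm changed centrifuge speeds while the control panel and computer checks showed nothing wrong. The following is an added example, not code from the article or from any vendor, of the defensive counterpart: compare what the panel reports with a measurement that does not pass through the controller. The thresholds, field names and both traces are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import List

# Assumed envelope for a hypothetical drive; none of these numbers come from the article.
BAND_HZ = (950.0, 1100.0)  # normal operating band
MAX_GAP_HZ = 15.0          # tolerated panel-vs-sensor disagreement
MAX_STEP_HZ = 60.0         # largest plausible change between consecutive samples
PERSIST = 2                # consecutive samples before a sustained rule fires


@dataclass(frozen=True)
class Sample:
    t: int            # seconds since capture start
    panel_hz: float   # value the control panel displays (software-reported)
    sensor_hz: float  # independent measurement that bypasses the controller


@dataclass(frozen=True)
class Alert:
    t: int
    rule: str


def in_band(hz: float) -> bool:
    return BAND_HZ[0] <= hz <= BAND_HZ[1]


def detect_masking(samples: List[Sample]) -> List[Alert]:
    """Compare panel telemetry with an independent sensor and return alerts."""
    alerts: List[Alert] = []
    runs = {"panel_sensor_divergence": 0,
            "excursion_hidden_from_panel": 0,
            "excursion_visible_on_panel": 0}
    prev = None
    for s in samples:
        excursion = not in_band(s.sensor_hz)
        active = {
            "panel_sensor_divergence": abs(s.panel_hz - s.sensor_hz) > MAX_GAP_HZ,
            # Dangerous case: the process is out of band but the panel looks normal.
            "excursion_hidden_from_panel": excursion and in_band(s.panel_hz),
            # Ordinary fault: operators can see it, so nothing is being masked.
            "excursion_visible_on_panel": excursion and not in_band(s.panel_hz),
        }
        for rule, hit in active.items():
            runs[rule] = runs[rule] + 1 if hit else 0
            if runs[rule] == PERSIST:  # fire once per sustained episode
                alerts.append(Alert(s.t, rule))
        # A burst followed by a sharp slowdown appears as implausibly large steps.
        if prev is not None and abs(s.sensor_hz - prev.sensor_hz) > MAX_STEP_HZ:
            alerts.append(Alert(s.t, "abrupt_speed_change"))
        prev = s
    return alerts


def trace(pairs) -> List[Sample]:
    return [Sample(t, p, s) for t, (p, s) in enumerate(pairs)]


# Constructed traces of (panel_hz, sensor_hz), one sample per second.
MASKED = trace([(1000, 1001), (1000, 999), (1001, 1000), (1000, 1180), (1000, 1320),
                (999, 1310), (1000, 700), (1001, 400), (1000, 990), (1000, 1000)])
HONEST_FAULT = trace([(1000, 1000), (1040, 1041), (1080, 1079), (1120, 1121),
                      (1150, 1149), (1150, 1150)])

if __name__ == "__main__":
    for name, data in (("masked", MASKED), ("honest fault", HONEST_FAULT)):
        print(name, [(a.t, a.rule) for a in detect_masking(data)])
```

The check is only as good as the independence of `sensor_hz`: a reading that travels through the same controller or engineering workstation can be falsified along with the panel value.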
This went on until June of last year, when a Belarusian company working on the Iranian power plant in Bushehr discovered it in one of its machines. It quickly put out a notice on a Web network monitored by computer security experts around the world. Ordinarily these experts would immediately begin tracing the worm and dissecting it, looking for clues about its origin and other details.
But that didn’t happen, because within minutes all the alert sites came under attack and were inoperative for 24 hours.
“I had to use e-mail to send notices but I couldn’t reach everyone. Whoever made the worm had a full day to eliminate all traces of the worm that might lead us to them,” said Eric Byres, a computer security expert who has examined Stuxnet. “No hacker could have done that.”
Experts, including inspectors from the International Atomic Energy Agency, say that, despite Iran's claims to the contrary, the worm was successful in its goal: causing confusion among Iran’s nuclear engineers and disabling their nuclear program.
Because of the secrecy surrounding the Iranian program, no one can be certain of the full extent of the damage. But sources inside Iran and elsewhere say that the Iranian centrifuge program has been operating far below its capacity and that the uranium enrichment program had “stagnated” during the time the worm penetrated the underground facility. Only 4,000 of the 9,000 centrifuges Iran was known to have were put into use. Some suspect that is because of the critical need to replace ones that were damaged.
And the limited number of those in use dwindled to an estimated 3,700 as problems engulfed their operation. IAEA inspectors say the sabotage better explains the slowness of the program, which they had earlier attributed to poor equipment manufacturing and management problems. As Iranians struggled with the setbacks, they began searching for signs of sabotage. From inside Iran there have been unconfirmed reports that the head of the plant was fired shortly after the worm wended its way into the system and began creating technical problems, and that some scientists who were suspected of espionage disappeared or were executed. And counter intelligence agents began monitoring all communications between scientists at the site, creating a climate of fear and paranoia.
Iran has adamantly stated that its nuclear program has not been hit by the bug. But in doing so it has backhandedly confirmed that its nuclear facilities were compromised. When Hamid Alipour, head of the nation’s Information Technology Company, announced in September that 30,000 Iranian computers had been hit by the worm but the nuclear facilities were safe, he added that among those hit were the personal computers of the scientists at the nuclear facilities. Experts say that Natanz and Bushehr could not have escaped the worm if it was in their engineers’ computers.
“We brought it into our lab to study it and even with precautions it spread everywhere at incredible speed,” Byres said.
“The worm was designed not to destroy the plants but to make them ineffective. By changing the rotation speeds, the bearings quickly wear out and the equipment has to be replaced and repaired. The speed changes also impact the quality of the uranium processed in the centrifuges creating technical problems that make the plant ineffective,” he explained.
In other words the worm was designed to allow the Iranian program to continue but never succeed, and never to know why.
One additional impact that can be attributed to the worm, according to David Albright of the Institute for Science and International Studies, is that “the lives of the scientists working in the facility have become a living hell because of counter-intelligence agents brought into the plant” to battle the breach. Ironically, even after its discovery, the worm has succeeded in slowing down Iran's reputed effort to build an atomic weapon. And Langner says that the efforts by the Iranians to cleanse Stuxnet from their system “will probably take another year to complete,” and during that time the plant will not be able to function anywhere near normally.