NATOSource is proudly sponsored by EADS North America
- Congo (DRC)
- Czech Republic
- North Korea
- Saudi Arabia
- South Africa
- South Korea
- Taiwan (ROC)
From David E. Sanger, the New York Times: From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.
“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.
Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.
This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.
These officials gave differing assessments of how successful the sabotage program was in slowing Iran’s progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran’s enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.
Whether Iran is still trying to design and build a weapon is in dispute. The most recent United States intelligence estimate concludes that Iran suspended major parts of its weaponization effort after 2003, though there is evidence that some remnants of it continue.
Iran initially denied that its enrichment facilities had been hit by Stuxnet, then said it had found the worm and contained it. Last year, the nation announced that it had begun its own military cyberunit, and Brig. Gen. Gholamreza Jalali, the head of Iran’s Passive Defense Organization, said that the Iranian military was prepared “to fight our enemies” in “cyberspace and Internet warfare.” But there has been scant evidence that it has begun to strike back.
The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them. There have been reports of one-time attacks against personal computers used by members of Al Qaeda, and of contemplated attacks against the computers that run air defense systems, including during the NATO-led air attack on Libya last year. But Olympic Games was of an entirely different type and sophistication.
It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.
A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.
Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons — even under the most careful and limited circumstances — could enable other countries, terrorists or hackers to justify their own attacks.
“We discussed the irony, more than once,” one of his aides said. Another said that the administration was resistant to developing a “grand theory for a weapon whose possibilities they were still discovering.” Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.
This article is adapted from “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power,” to be published by Crown on Tuesday. (photo: Iranian President's Office) (graphics:
The daily news of the world's most powerful alliance.
The views expressed in NATOSource are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.
Follow on Twitter: @NATOSource
"I am an enormous fan of NATOSource. I use it virtually every day, because it provides a wide variety of views, a solid base of factual knowledge, and keeps me in touch with the world of NATO."
(Graphics: Deutsche Welle and Reuters)
Most Popular NATOSource Posts
- Alliance Unity
- Allied Command Operations
- Allied Command Transformation
- Article 5
- Burden Sharing
- Capabilities Gap
- Chicago Summit
- Cyber Threats
- Defense Spending
- Energy Security
- High North
- Missile Defense
- NATO Defense Ministerials
- NATO Exercises
- NATO Ministerials
- NATO Operations
- NATO Partnerships
- NATO Response Force
- Nuclear Weapons
- Secretary General
- Smart Defense
- Special Forces
- Strategic Concept
- Transatlantic Relations
- United Nations
- Weapon Systems
- Associated Press
- Baltic Times
- Brussels blog
- Deutsche Welle
- EU Observer
- European Voice
- Financial Times
- Hurriyet Daily News
- International Herald Tribune
- Kyiv Post
- Le Monde Diplomatique
- Moscow Times
- New York Times
- Prague Daily Monitor
- Radio Free Europe
- Ria Novosti
- Russia Today
- Slovak Spectator
- St. Petersburg Times
- Times (London)
- Today's Zaman
- Wall Street Journal
- Washington Post
- American Enterprise Institute (AEI), United States
- Aspen Institute, United States
- Atlantic Council, United States
- Brookings Institution, United States
- Carnegie Endowment for International Peace, United States
- Cato Institute, United States
- Center for a New American Security (CNAS), United States
- Center for International Relations (CIR), Poland
- Center for Security Studies (CSS), Switzerland
- Center for Strategic and International Studies (CSIS), United States
- Center for Transatlantic Relations, United States
- Cicero Foundation, Netherlands
- Council on Foreign Relations, United States
- Danish Institute of International Studies (DIIS), Denmark
- EU Institute for Security Studies, France
- European Council on Foreign Relations, Bulgaria, France, Germany, Spain, UK
- European Institute, United States
- Fondation pour la Recherche Stratégique (FRS), France
- French Institute of International Relations (IFRI), France
- Fundacion para el Análisis y los Estudios Sociale (FAES), Spain
- German Council on Foreign Relations (DGAP), Germany
- German Marshall Fund of the United States, United States
- Grupo de Estudios Estratégicos (GEES), Spain
- Heritage Foundation, United States
- Hoover Institution, United States
- Institut de Relations Internationales et Stratégiques (IRIS), France
- Institute for Foreign Policy Analysis (IFPA), United States
- Institute for International and Security Affairs (SWP), Germany
- Instituto Affari Internazionali (IAI), Italy
- International Institute for Strategic Studies (IISS), United Kingdom
- Konrad Adenauer Stiftung, Germany
- Lemnitzer Center, United States
- Marshall Center, Germany
- Netherlands Institute of International Relations (Clingendael), Netherlands
- Norwegian Institute of International Affairs (NUPI), Norway
- RAND, United States
- Real Instituto Elcano, Spain
- Ridgway Center, United States
- Royal Institute of International Affairs (Chatham House), United Kingdom
- Royal United Services Institute (RUSI), United Kingdom
- Schuman Center (RSCAS), Italy
- Security & Defence Agenda (SDA), Belgium
- Strategy International (SI), Greece
- U.S. Institute of Peace, United States
- Woodrow Wilson International Center for Scholars, United States