Friday, September 21, 2012

Leaking Stuxnet

The Supermassive blackhole of incompetence that is the Obama administration has unleashed potential serious repercussions because of administration leaks that U.S. was behind the Stuxnet virus.  First, a little background.  The Stuxnet virus is an extremely sophisticated malware payload that targeted Iranian enrichment centrifuges.  What is little known, is that the there appears to be a "man in the loop" to direct the damage that the virus causes.  The virus was first spread through the use of infected USB thumb drives.  (Safety tip: there are multiple reasons you should never use these devices, ever.)  Then the virus spreads to other computers on the infected network and calls home.  It is looking for the signature of a software package used to program a Programable Logic Controller (PLC).  The virus is clearly sending information to a home computer and receiving updated instructions from a "man in the loop."  In this case the the individual controlling the virus went looking for software designed specifically to control the Siemens PLCs to control uranium enrichment centrifuges. You can view a simplified explanation of the process without reference to Iran or Siemens at Symantec.

The man in the loop is a big problem for the U.S., along with the leak that the U.S. was involved in the attack.  From the WaPo:
A damaging cyberattack against Iran’s nuclear program was the work of U.S. and Israeli experts and proceeded under the secret orders of President Obama, who was eager to slow that nation’s apparent progress toward building an atomic bomb without launching a traditional military attack, say current and former U.S. officials.
Is there any doubt that the political purpose of the leak was to enhance the administrations cred with regards to being tough on Iran?  This is the worst administration for politically motivated leaks I have ever seen.  What might be the consequences?

The subject of cyberwarfare is a little murky now, but I have no doubt that the general laws of warfare apply to cyberspace as well.  The Stuxnet attack seemed targeted to a military capability of Iran, avoiding civilian collateral damage.  By itself, the scrupulousness of the attack would make me believe that it was a U.S. product.  However, by leaking our involvement, the administration has left us open to a reprisal by the Iranians, against which we might have little recourse under international law.  International law provides for a proportional response to an attack by a foreign power; especially if that attack lacks sanction under any reasonable rubric of self defense or U.N. resolution.  If Iran respond with a cyber attack of their own, we have no recourse, not even through deniability, because the Iranians can claim proportional response.

Further, the disclosure puts U.S. personnel at risk who were involved in the construction of Stuxnet.  As a legal matter, the keys stolen from a Taiwanese firm that allowed the USB to hijack portions of the Windows operating system, were stolen illegally.  The admission makes the U.S. government a de facto partner or perpetrator of a criminal act that we have signed treaties to prevent.  Conceivably, a lawsuit to prise open information regarding the construction of the virus could follow.

To be clear, I support covert means to derail the Iranian nuke program.  But, the leakers should be punished, except that they have probably been sanctioned the President himself, for selfish political gain.  Damn the country, he needs re-election.  

In case you wanted the basic explanation:


No comments:

Post a Comment