Due to the Iran nuclear talks and eventual deal, this whole story while accurate it appears, may be an actual leak for the sake of legitimizing Iran.
David Sanger and Mark Mazzetti report on the February 16, 2016 New York Times website that “in the early years of the Obama administration, the United States developed an elaborate plan for a cyber attack on Iran, in case the diplomatic effort to limit its nuclear program failed; and, led to a military conflict, according to a upcoming documentary film, and interviews with military and intelligence officials involved in the effort.”
“The plan, code-named NITRO ZEUS, was devised to disable Iran’s air defenses, communications systems; and, crucial parts of the power grid,” the Times noted; but, was shelved when the nuclear deal with Iran was concluded. The Times adds that “NITRO ZEUS was part of an effort to assure POTUS Obama that he had alternatives, short of a full-scale war — if Iran lashed out at the United States, or its allies in the region. At its height, officials say, the planning for NITRO ZEUS involved thousands of American military and intelligence personnel, spending tens of millions of dollars; and, placing electronic implants in Iranian computer networks to “prepare the battlefield,” in the parlance of the Pentagon.”
FC: The White House was no doubt hoping to dissuade Israel from conducting a pre-emptive military strike against Iran’s nuclear infrastructure, while the nuclear negotiations with Iran were nearing a conclusion. Left unanswered in the Times article was any mention of Israel’s cooperation and/or participation in the NITRO ZEUS planning and ultimate execution. Was Israel made aware of the plan?; but, not invited to participate? Were they a full partner and expected to contribute to the operation if it had occurred? Or, did the White House attempt to keep Israel out of any knowledge or participation in the effort?
Mr. Sanger and Mr. Mazzetti note that in addition to NITRO ZEUS, “American intelligence agencies developed a separate, far more narrowly focused cyber plan to disable Iran’s Fordo nuclear enrichment site, which Iran built deep inside a mountain near the [religious] city of Qom. The attack [on Fordo] would have been a covert operation,” which would have required POTUS approval.
“Fordo has long been considered one of the hardest targets in Iran, buried too deep for all but the most powerful bunker-buster [bombs] in the American military arsenal,” Mr. Sanger and Mr. Mazzetti write. “Thev proposed [covert] intelligence operation called for the insertion of a computer “worm” into the facility — with the aim of frying Fordo’s computer systems — effectively delaying, or destroying the ability of Iranian centrifuges to enrich uranium at the enrichment site. It was intended as a follow-up to “OLYMPIC GAMES,” the code-name of a cyber attack [never acknowledged] by the United States and Israel that destroyed 1,000 Iranian nuclear centrifuges; and [at least], temporarily disrupt [nuclear fuel] production at Natanz, a far larger; but, less protected enrichment site.” This operation involved the use of the STUXNET cyber worm; and is considered by many the first military use of a cyber weapon of mass disruption.
Mr. Sanger and Mr. Mazzetti note that “the existence of NITRO ZEUS was uncovered in the course of reporting for “Zero Days,” a documentary that will be shown Wednesday [today] at the Berlin Film Festival. Directed by Alex Gibney, who is known for other documentaries, including the Oscar-winning, “Taxi To The Dark Side,” about the [alleged] use of torture by American interrogators; and, “We Steal Secrets: The Story Of Wikileaks.”
“Zero Days,” describes the escalating conflict between Iran and the West, in the years leading up to the agreement, and discovery of the cyber attack on the Natanz enrichment plant; and, the debates inside the Pentagon over whether the United States has [had] a workable [cyber] doctrine for the use of a new form of weaponry — whose ultimate effects are [still] only vaguely understood,” the Times noted.
“For the seven-year old United States Cyber Command, which is still building its cyber “special forces,” and deploying them throughout the world, the Iran project [which involved infusing electronic implants at key digital ‘choke-points] was perhaps its most challenging program yet,” Mr. Sanger and Mr. Mazzetti write. “This was enormous, and [an] enormously complex program [operation],” said one participant who requested anonymity because the program is still [highly] classified. “Before it was developed, the U.S. had never assembled a combined cyber, kinetic attack plan on this scale,” the official added.
“While U.S. Cyber Command would have executed NITRO ZEUS, the National Security Agency’s (NSA) Tailorerd Access Operations Unit (TAO) was responsible for penetrating the adversary’s [Iran’s] networks, which would have required piercing, and maintaining a presence in a vast number of Iranian networks, including the country’s air defenses and its transportation and command control centers,” The Times noted.
“It is a tricky business, the war planners say, because their knowledge of how networks are connected in Iran, or any other hard target, is sketchy, and collateral damage is always hard to predict. It is easier to turn off power grids, for example, than to start them up again.” And, there is the critical and fundamental issue of restoring trust in the system by the people — something which is often difficult to do — just ask Target. They have managed; but, it took a while.
The covert operation to sabotage Fordo was challenging to say the least, since this was a clandestine Iranian nuclear enrichment facility, buried inside a mountain and no doubt heavily guarded and very difficult to breach. Very difficult, but not impossible. As The Times noted, some of the stolen NSA documents purloined by fugitive Edward Snowden allegedly demonstrate how computer worms and cyber viruses can be secretly inserted — remotely — into a targeted network — even if disconnected from the Internet. I commented on article yesterday on how to steal secret keylogger data from a disconnected/stand-alone computer in another room. Needless to say, Mr. Snowden greatly aided our adversaries and the Islamic State and al Qaeda, others with his reckless and destructive leaks. CIA Director john Brennan admitted in a CBS 60 Minutes interview on Sunday that the Paris attackers used encrypted communications to plan, orchestrate, and launch their attack, an operational technique that allowed them to ‘remain dark’ thus prevent or undermine our ability to ferret out and hopefully prevent their operations. In the aftermath of the Snowden leaks, these groups substantially enhanced their encryption software; as evidenced in both Paris and San Bernardino.
For the life of me, I cannot figure out why some within the U.S. government thought disclosing this alleged operation was in our national security interests and beneficial for everyone to know. If the report is true, it betrays extremely sensitive tactics, techniques, and procedures. As the age old saying goes, “one cannot vanquish one’s enemies, by telegraphing one’s punches.” Okay, nukes aside. There are those who argue that a deterrent capability only works, if the opponent believes you can actually do what you say you can. But, the cyber world is vastly different from the kinetic, military weaponry world, as revealing an offensive cyber capability is likely to render the digital weapon useless beyond the initial public disclosure and use. Hackers, malcontents, others will take pleasure in being the first to reverse engineer the cyber weapon and post their findings on the open net for all to see — and, take appropriate counter-measures. One also has to assume that North Korea, among others, is now aware of how their own networked nuclear infrastructure could be vulnerable and take pre-emptive steps to remedy their vulnerabilities. More details from the NYT’s here.
