Les anglonautes






Cyberconflict: Why the Worst Is Yet to Come

Video        The New York Times        4 January 2019


Despite the devastation cyberweapons have caused around the world over the last decade, they are still in their infancy. David E. Sanger, a New York Times national security correspondent, explains why the threat is growing.





















Photograph: Larry Downing



Arms Control for a Cyberage


FEB. 26, 2015



















Mike Keefe



14 June 2011











cyberconflict / cyber conflict       USA




watch?v=mtBnu-YtibA - NYT - 4 January 2019








cyber war / cyberwar        UK / USA

























































act of cyberwar        USA






global cyberwar        UK






online war        UK






warfare in cyberspace        USA






cyberwarfare        USA












cyberwarfare        UK












cyber weapons        USA

watch?v=mtBnu-YtibA - NYT - 4 January 2019







cyberoperations        USA






cyberarsenal        USA
























the United States Cyber Command - the military headquarters responsible for computer-network warfare        USA
















Defense Department system

Automated Biometrics Identification System - Abis        USA










cyberattack        USA
















National Cyber Alert System        USA










cyberfight / digital warfare       USA






cyberoffensive        USA






Cyberattacks on Iran — Stuxnet and Flame        UK / USA


Over the last few years, Iran has become the target of a series of notable cyberattacks, some of which were linked to its nuclear program.

The best known of these was Stuxnet, the name given to a computer worm, or malicious computer program.

Updated: June 1, 2012









cyberdestruction        USA






cyberdefense        USA






cybersecurity        USA









Pentagon > Cybersecurity force        2013






Cybersecurity Act        2012






computer sabotage        UK









Corpus of news articles


War > Cyberweapon, Cyberconflict, Cyberwar, Cyberwarfare




Panetta Warns of Dire Threat of Cyberattack on U.S.


October 11, 2012

The New York Times




Defense Secretary Leon E. Panetta warned Thursday that the United States was facing the possibility of a “cyber-Pearl Harbor” and was increasingly vulnerable to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial networks and government.

In a speech at the Intrepid Sea, Air and Space Museum in New York, Mr. Panetta painted a dire picture of how such an attack on the United States might unfold. He said he was reacting to increasing aggressiveness and technological advances by the nation’s adversaries, which officials identified as China, Russia, Iran and militant groups.

“An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches,” Mr. Panetta said. “They could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”

Defense officials insisted that Mr. Panetta’s words were not hyperbole, and that he was responding to a recent wave of cyberattacks on large American financial institutions. He also cited an attack in August on the state oil company Saudi Aramco, which infected and made useless more than 30,000 computers.

But Pentagon officials acknowledged that Mr. Panetta was also pushing for legislation on Capitol Hill. It would require new standards at critical private-sector infrastructure facilities — like power plants, water treatment facilities and gas pipelines — where a computer breach could cause significant casualties or economic damage.

In August, a cybersecurity bill that had been one of the administration’s national security priorities was blocked by a group of Republicans, led by Senator John McCain of Arizona, who took the side of the U.S. Chamber of Commerce and said it would be too burdensome for corporations.

The most destructive possibilities, Mr. Panetta said, involve “cyber-actors launching several attacks on our critical infrastructure at one time, in combination with a physical attack.” He described the collective result as a “cyber-Pearl Harbor that would cause physical destruction and the loss of life, an attack that would paralyze and shock the nation and create a profound new sense of vulnerability.”

Mr. Panetta also argued against the idea that new legislation would be costly for business. “The fact is that to fully provide the necessary protection in our democracy, cybersecurity must be passed by the Congress,” he told his audience, Business Executives for National Security. “Without it, we are and we will be vulnerable.”

With the legislation stalled, Mr. Panetta said President Obama was weighing the option of issuing an executive order that would promote information sharing on cybersecurity between government and private industry. But Mr. Panetta made clear that he saw it as a stopgap measure and that private companies, which are typically reluctant to share internal information with the government, would cooperate fully only if required to by law.

“We’re not interested in looking at e-mail, we’re not interested in looking at information in computers, I’m not interested in violating rights or liberties of people,” Mr. Panetta told editors and reporters at The New York Times earlier on Thursday. “But if there is a code, if there’s a worm that’s being inserted, we need to know when that’s happening.”

He said that with an executive order making cooperation by the private sector only voluntary, “I’m not sure they’re going to volunteer if they don’t feel that they’re protected legally in terms of sharing information.”

“So our hope is that ultimately we can get Congress to adopt that kind of legislation,” he added.

Mr. Panetta’s comments, his most extensive to date on cyberwarfare, also sought to increase the level of public debate about the Defense Department’s growing capacity not only to defend but also to carry out attacks over computer networks. Even so, he carefully avoided using the words “offense” or “offensive” in the context of American cyberwarfare, instead defining the Pentagon’s capabilities as “action to defend the nation.”

The United States has nonetheless engaged in its own cyberattacks against adversaries, although it has never publicly admitted it. From his first months in office, Mr. Obama ordered sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment plants, according to participants in the program. He decided to accelerate the attacks, which were begun in the Bush administration and code-named Olympic Games, even after an element of the program accidentally became public in the summer of 2010.

In a part of the speech notable for carefully chosen words, Mr. Panetta warned that the United States “won’t succeed in preventing a cyberattack through improved defenses alone.”

“If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us, to defend this nation when directed by the president,” Mr. Panetta said. “For these kinds of scenarios, the department has developed the capability to conduct effective operations to counter threats to our national interests in cyberspace.”

The comments indicated that the United States might redefine defense in cyberspace as requiring the capacity to reach forward over computer networks if an attack was detected or anticipated, and take pre-emptive action. These same offensive measures also could be used in a punishing retaliation for a first-strike cyberattack on an American target, senior officials said.

Senior Pentagon officials declined to describe specifics of what offensive cyberwarfare abilities the Defense Department has fielded or is developing. And while Mr. Panetta avoided labeling them as “offensive,” other senior military and Pentagon officials have recently begun acknowledging their growing focus on these tools.

The Defense Department is finalizing “rules of engagement” that would put the Pentagon’s cyberweapons into play only in case of an attack on American targets that rose to some still unspecified but significant levels. Short of that, the Pentagon shares intelligence and offers technical assistance to the F.B.I. and other agencies.


Elisabeth Bumiller reported from New York, and Thom Shanker from Washington.

Panetta Warns of Dire Threat of Cyberattack on U.S.,






A New Kind of Warfare


September 9, 2012
The New York Times


Cybersecurity efforts in the United States have largely centered on defending computer networks against attacks by hackers, criminals and foreign governments, mainly China. Increasingly, however, the focus is on developing offensive capabilities, on figuring out how and when the United States might unleash its own malware to disrupt an adversary’s networks. That is potentially dangerous territory.

Such malware is believed to have little deterrent value against criminals who use computers to steal money from banks or spies who pilfer industrial secrets. But faced with rising intrusions against computers that run America’s military systems and its essential infrastructure — its power grid, for instance, and its telecommunications networks — the military here (and elsewhere) sees disruptive software as an essential new tool of war. According to a study by the Center for Strategic and International Studies, the 15 countries with the biggest military budgets are all investing in offensive cyber capabilities.

The latest step occurred last month when the United States sent out bids for technologies “to destroy, deny, degrade, disrupt, corrupt or usurp” an adversary’s attempt to use cyberspace for advantage. The Air Force asked for proposals to plan for and manage cyberwarfare, including the ability to launch superfast computer attacks and withstand retaliation.

The United States, China, Russia, Britain and Israel began developing basic cyberattack capabilities at least a decade ago and are still figuring out how to integrate them into their military operations. Experts say cyberweapons will be used before or during conflicts involving conventional weapons to infect an adversary’s network and disrupt a target, including shutting down military communications. The most prominent example is the Stuxnet virus deployed in 2010 by the United States and Israel to set back Iran’s nuclear program. Other cyberattacks occurred in 2007 against Syria and 1998 against Serbia.

Crucial questions remain unanswered, including what laws of war would apply to decisions to launch an attack. The United States still hasn’t figured out what impact cyberweapons could have on actual battlefield operations or when an aggressive cyber response is required. Nor has Washington settled on who would authorize an attack; experts see roles for both the president and military commanders. There is also the unresolved issue of how to minimize collateral damage — like making sure malware does not cripple a civilian hospital.

Another big concern is China, which is blamed for stealing American military secrets. Washington has not had much success persuading Beijing to rein in its hackers. There is a serious risk of miscalculation if, for example, there is a confrontation in the South China Sea. China could misinterpret a move, unleash a cyberattack and trigger a real cyberwar. What’s clearly needed are new international understandings about what constitutes cyber aggression and how governments should respond. Meanwhile, the United States must do what it can to protect its own networks.

    A New Kind of Warfare, NYT, 9.9.2012,






A Law to Strengthen Our Cyberdefense


August 1, 2012
The New York Times



OVER the last decade, the United States has built a sophisticated security system to protect the nation’s seaports against terrorists and criminals. But our nation’s critical infrastructure is not similarly secured from cyberattack. Although we have made progress in recent years, Congressional action is needed to ensure that our laws keep pace with the electronically connected world we live in. The bipartisan Cybersecurity Act of 2012, currently before the Senate, offers a way forward.

A disruption of our electric grid or other critical infrastructure could temporarily cripple the American economy. What’s less well known is that such an attack could threaten the nation’s defense as well.

Ninety-nine percent of the electricity the military uses comes from civilian sources. Ninety percent of military voice and Internet communications travel over commercial networks. Much of the country’s military logistics are handled by commercial shippers who rely, in turn, on privately managed networks.

As we protect our ports and coastlines, so must we marshal resources and techniques to mount an adequate defense of our networks. Our port security is ensured by a combination of the Coast Guard, Customs and Border Protection, state and local governments, and private shipping companies and port operators, with the support of the Navy and the intelligence agencies. Together, they patrol American waters, scan cargo, analyze and share information about threats to our coastlines, and report suspicious behavior to the proper authorities. If any of these layers were to be removed, our defenses would be weakened.

Effective cybersecurity requires a similar multilevel approach. We have a final line of cyberdefense in the Defense Department’s Cyber Command, which defends the nation against advanced cyberattacks, and we have a strong cyberintelligence system in the National Security Agency, which detects cyberthreats from overseas. But we need additional levels of defense to protect the nation’s critical infrastructure.

Collective problems require collaborative solutions. The government and private sector must work together to prevent cyberdisruption, cyberdestruction and theft of intellectual property. This requires robust sharing of information between the government and private sector, aggressive prosecution of cybercriminals, and cooperation among federal agencies.

Simply put, the Cybersecurity Act would help by enabling the government to share information about cyberthreats with industry. The legislation would also permit the private sector to report cyberintrusions to the government or private companies. That ability would increase awareness of cyberthreats, while leaving the private sector in control of which information is shared. It would do all of this while protecting privacy and civil liberties, through robust oversight and accountability measures.

None of us want to see heavy government regulation, especially of the Internet, the fount of so much innovation and economic productivity. The legislation would provide meaningful baseline cybersecurity standards for industry, developed and adopted through a joint industry-government process.

Although the American economy needs effective cybersecurity measures to function and prosper, many providers of critical infrastructure have not invested in basic strategies to defend themselves against cyberthreats. Meaningful standards will help drive companies to invest and help fill the gaps in our nation’s cyberdefenses.

Finally, the Cybersecurity Act would ensure that the Department of Homeland Security has the ability to protect federal networks and assist the private sector effectively and efficiently, by strengthening the department’s legal authority.

The Department of Defense stands ready to support the Department of Homeland Security and any other agency in protecting the nation’s critical infrastructure. Together, our two departments can bring our technical ability to bear and improve the nation’s stock of cybersecurity tools and technology.

This legislation is a critical step for defending America’s infrastructure against the clear and present cyberthreats we face. We’re not going to solve this problem overnight; it will involve a learning experience for both the private sector and the government, but we must learn fast, and develop solutions as quickly as possible. The legislation will help pave the way to American security and prosperity in the information age. It deserves the full support of Congress and the American people.


Ashton B. Carter is the deputy secretary of defense and Jane Holl Lute is the deputy secretary of homeland security.

    A Law to Strengthen Our Cyberdefense, NYT, 1.8.2012,





Cybersecurity at Risk


July 31, 2012
The New York Times

Relentless assaults on America’s computer networks by China and other foreign governments, hackers and criminals have created an urgent need for safeguards to protect these vital systems. The question now is whether the Senate will provide them. Senator John McCain, a Republican of Arizona, and the Chamber of Commerce have already exacted compromises from sponsors of a reasonably strong bill, and are asking for more. Their demands should be resisted and the original bill approved by the Senate.

Officials and experts have warned about cybersecurity dangers for years; now the alarms are more insistent. On Thursday, Gen. Keith Alexander, the chief of the United States Cyber Command and the director of the National Security Agency, said intrusions against computers that run essential infrastructure increased 17-fold from 2009-11 and that it’s only a matter of time before an attack causes physical damage. He has also called the loss of industrial information and intellectual property through cyberespionage “the greatest transfer of wealth in history.”

American officials say businesses already lose billions of dollars annually. Hundreds of major companies, defense contractors and government agencies have been affected. Attacks on power plants, electric grids, refineries, transportation networks and water treatment systems present an even greater threat. Last year, there were at least 200 attempted or successful cyberattacks on those facilities.

Yet defenses are dangerously thin. On a scale of 1 to 10, General Alexander rated preparedness for a large-scale cyberattack — shutting down the stock exchange, for instance — as “around a 3.” That is why President Obama and others have argued for mandatory minimum standards that would require companies to share information and harden computer protections.

Bipartisan legislation drafted by Senator Joseph Lieberman, a Connecticut independent and the chairman of the homeland security committee, and Senator Susan Collins of Maine, the ranking Republican member, met that bar. But faced with strong opposition from Mr. McCain and the business community, the sponsors compromised. Under the revised bill, industry will develop the standards for addressing threats and compliance will be voluntary.

This has not satisfied Mr. McCain or the chamber, which insists the bill would still be too costly and cumbersome. Last year, a survey of more than 9,000 executives in more than 130 countries by the PricewaterhouseCoopers consulting firm found that only 13 percent of those polled had taken adequate defensive action against cyberthreats.

Not all companies share that aversion to the bill. Microsoft and Symantec, among others, have supported the original Lieberman-Collins legislation. And civil liberties groups say their earlier privacy concerns have been addressed. It’s time for the endless talk of cyberthreats to be met by action. The Lieberman-Collins bill should be voted by the Senate this week and then merged with the House version so a law can be enacted this year. If not, and a catastrophic cyberattack occurs, Americans will be justified in asking why their lawmakers, mired in election-year partisanship, failed to protect them.

    Cybersecurity at Risk, NYT, 31.7.2012,






Obama Order Sped Up Wave of Cyberattacks Against Iran


June 1, 2012
The New York Times


WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.

At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.

“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.

Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.

This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.

These officials gave differing assessments of how successful the sabotage program was in slowing Iran’s progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran’s enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.

Whether Iran is still trying to design and build a weapon is in dispute. The most recent United States intelligence estimate concludes that Iran suspended major parts of its weaponization effort after 2003, though there is evidence that some remnants of it continue.

Iran initially denied that its enrichment facilities had been hit by Stuxnet, then said it had found the worm and contained it. Last year, the nation announced that it had begun its own military cyberunit, and Brig. Gen. Gholamreza Jalali, the head of Iran’s Passive Defense Organization, said that the Iranian military was prepared “to fight our enemies” in “cyberspace and Internet warfare.” But there has been scant evidence that it has begun to strike back.

The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them. There have been reports of one-time attacks against personal computers used by members of Al Qaeda, and of contemplated attacks against the computers that run air defense systems, including during the NATO-led air attack on Libya last year. But Olympic Games was of an entirely different type and sophistication.

It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.

A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.

Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons — even under the most careful and limited circumstances — could enable other countries, terrorists or hackers to justify their own attacks.

“We discussed the irony, more than once,” one of his aides said. Another said that the administration was resistant to developing a “grand theory for a weapon whose possibilities they were still discovering.” Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.

If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.

A Bush Initiative

The impetus for Olympic Games dates from 2006, when President George W. Bush saw few good options in dealing with Iran. At the time, America’s European allies were divided about the cost that imposing sanctions on Iran would have on their own economies. Having falsely accused Saddam Hussein of reconstituting his nuclear program in Iraq, Mr. Bush had little credibility in publicly discussing another nation’s nuclear ambitions. The Iranians seemed to sense his vulnerability, and, frustrated by negotiations, they resumed enriching uranium at an underground site at Natanz, one whose existence had been exposed just three years before.

Iran’s president, Mahmoud Ahmadinejad, took reporters on a tour of the plant and described grand ambitions to install upward of 50,000 centrifuges. For a country with only one nuclear power reactor — whose fuel comes from Russia — to say that it needed fuel for its civilian nuclear program seemed dubious to Bush administration officials. They feared that the fuel could be used in another way besides providing power: to create a stockpile that could later be enriched to bomb-grade material if the Iranians made a political decision to do so.

Hawks in the Bush administration like Vice President Dick Cheney urged Mr. Bush to consider a military strike against the Iranian nuclear facilities before they could produce fuel suitable for a weapon. Several times, the administration reviewed military options and concluded that they would only further inflame a region already at war, and would have uncertain results.

For years the C.I.A. had introduced faulty parts and designs into Iran’s systems — even tinkering with imported power supplies so that they would blow up — but the sabotage had had relatively little effect. General James E. Cartwright, who had established a small cyberoperation inside the United States Strategic Command, which is responsible for many of America’s nuclear forces, joined intelligence officials in presenting a radical new idea to Mr. Bush and his national security team. It involved a far more sophisticated cyberweapon than the United States had designed before.

The goal was to gain access to the Natanz plant’s industrial computer controls. That required leaping the electronic moat that cut the Natanz plant off from the Internet — called the air gap, because it physically separates the facility from the outside world. The computer code would invade the specialized computers that command the centrifuges.

The first stage in the effort was to develop a bit of computer code called a beacon that could be inserted into the computers, which were made by the German company Siemens and an Iranian manufacturer, to map their operations. The idea was to draw the equivalent of an electrical blueprint of the Natanz plant, to understand how the computers control the giant silvery centrifuges that spin at tremendous speeds. The connections were complex, and unless every circuit was understood, efforts to seize control of the centrifuges could fail.

Eventually the beacon would have to “phone home” — literally send a message back to the headquarters of the National Security Agency that would describe the structure and daily rhythms of the enrichment plant. Expectations for the plan were low; one participant said the goal was simply to “throw a little sand in the gears” and buy some time. Mr. Bush was skeptical, but lacking other options, he authorized the effort.

Breakthrough, Aided by Israel

It took months for the beacons to do their work and report home, complete with maps of the electronic directories of the controllers and what amounted to blueprints of how they were connected to the centrifuges deep underground.

Then the N.S.A. and a secret Israeli unit respected by American intelligence officials for its cyberskills set to work developing the enormously complex computer worm that would become the attacker from within.

The unusually tight collaboration with Israel was driven by two imperatives. Israel’s Unit 8200, a part of its military, had technical expertise that rivaled the N.S.A.’s, and the Israelis had deep intelligence about operations at Natanz that would be vital to making the cyberattack a success. But American officials had another interest, to dissuade the Israelis from carrying out their own pre-emptive strike against the Iranian nuclear facilities. To do that, the Israelis would have to be convinced that the new line of attack was working. The only way to convince them, several officials said in interviews, was to have them deeply involved in every aspect of the program.

Soon the two countries had developed a complex worm that the Americans called “the bug.” But the bug needed to be tested. So, under enormous secrecy, the United States began building replicas of Iran’s P-1 centrifuges, an aging, unreliable design that Iran purchased from Abdul Qadeer Khan, the Pakistani nuclear chief who had begun selling fuel-making technology on the black market. Fortunately for the United States, it already owned some P-1s, thanks to the Libyan dictator, Col. Muammar el-Qaddafi.

When Colonel Qaddafi gave up his nuclear weapons program in 2003, he turned over the centrifuges he had bought from the Pakistani nuclear ring, and they were placed in storage at a weapons laboratory in Tennessee. The military and intelligence officials overseeing Olympic Games borrowed some for what they termed “destructive testing,” essentially building a virtual replica of Natanz, but spreading the test over several of the Energy Department’s national laboratories to keep even the most trusted nuclear workers from figuring out what was afoot.

Those first small-scale tests were surprisingly successful: the bug invaded the computers, lurking for days or weeks, before sending instructions to speed them up or slow them down so suddenly that their delicate parts, spinning at supersonic speeds, self-destructed. After several false starts, it worked. One day, toward the end of Mr. Bush’s term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran’s underground enrichment plant.

“Previous cyberattacks had effects limited to other computers,” Michael V. Hayden, the former chief of the C.I.A., said, declining to describe what he knew of these attacks when he was in office. “This is the first attack of a major nature in which a cyberattack was used to effect physical destruction,” rather than just slow another computer, or hack into it to steal data.

“Somebody crossed the Rubicon,” he said.

Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others — both spies and unwitting accomplices — with physical access to the plant. “That was our holy grail,” one of the architects of the plan said. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.”

In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.

The first attacks were small, and when the centrifuges began spinning out of control in 2008, the Iranians were mystified about the cause, according to intercepts that the United States later picked up. “The thinking was that the Iranians would blame bad parts, or bad engineering, or just incompetence,” one of the architects of the early attack said.

The Iranians were confused partly because no two attacks were exactly alike. Moreover, the code would lurk inside the plant for weeks, recording normal operations; when it attacked, it sent signals to the Natanz control room indicating that everything downstairs was operating normally. “This may have been the most brilliant part of the code,” one American official said.

Later, word circulated through the International Atomic Energy Agency, the Vienna-based nuclear watchdog, that the Iranians had grown so distrustful of their own instruments that they had assigned people to sit in the plant and radio back what they saw.

“The intent was that the failures should make them feel they were stupid, which is what happened,” the participant in the attacks said. When a few centrifuges failed, the Iranians would close down whole “stands” that linked 164 machines, looking for signs of sabotage in all of them. “They overreacted,” one official said. “We soon discovered they fired people.”

Imagery recovered by nuclear inspectors from cameras at Natanz — which the nuclear agency uses to keep track of what happens between visits — showed the results. There was some evidence of wreckage, but it was clear that the Iranians had also carted away centrifuges that had previously appeared to be working well.

But by the time Mr. Bush left office, no wholesale destruction had been accomplished. Meeting with Mr. Obama in the White House days before his inauguration, Mr. Bush urged him to preserve two classified programs, Olympic Games and the drone program in Pakistan. Mr. Obama took Mr. Bush’s advice.

The Stuxnet Surprise

Mr. Obama came to office with an interest in cyberissues, but he had discussed them during the campaign mostly in terms of threats to personal privacy and the risks to infrastructure like the electrical grid and the air traffic control system. He commissioned a major study on how to improve America’s defenses and announced it with great fanfare in the East Room.

What he did not say then was that he was also learning the arts of cyberwar. The architects of Olympic Games would meet him in the Situation Room, often with what they called the “horse blanket,” a giant foldout schematic diagram of Iran’s nuclear production facilities. Mr. Obama authorized the attacks to continue, and every few weeks — certainly after a major attack — he would get updates and authorize the next step. Sometimes it was a strike riskier and bolder than what had been tried previously.

“From his first days in office, he was deep into every step in slowing the Iranian program — the diplomacy, the sanctions, every major decision,” a senior administration official said. “And it’s safe to say that whatever other activity might have been under way was no exception to that rule.”

But the good luck did not last. In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free, like a zoo animal that found the keys to the cage. It fell to Mr. Panetta and two other crucial players in Olympic Games — General Cartwright, the vice chairman of the Joint Chiefs of Staff, and Michael J. Morell, the deputy director of the C.I.A. — to break the news to Mr. Obama and Mr. Biden.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

In fact, both the Israelis and the Americans had been aiming for a particular part of the centrifuge plant, a critical area whose loss, they had concluded, would set the Iranians back considerably. It is unclear who introduced the programming error.

The question facing Mr. Obama was whether the rest of Olympic Games was in jeopardy, now that a variant of the bug was replicating itself “in the wild,” where computer security experts can dissect it and figure out its purpose.

“I don’t think we have enough information,” Mr. Obama told the group that day, according to the officials. But in the meantime, he ordered that the cyberattacks continue. They were his best hope of disrupting the Iranian nuclear program unless economic sanctions began to bite harder and reduced Iran’s oil revenues.

Within a week, another version of the bug brought down just under 1,000 centrifuges. Olympic Games was still on.

A Weapon’s Uncertain Future

American cyberattacks are not limited to Iran, but the focus of attention, as one administration official put it, “has been overwhelmingly on one country.” There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world. “We’ve considered a lot more attacks than we have gone ahead with,” one former intelligence official said.

Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.

This article is adapted from “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power,” to be published by Crown on Tuesday.

    Obama Order Sped Up Wave of Cyberattacks Against Iran, NYT, 1.6.2012






Doctrine of Silence


November 28, 2011
The New York Times


LONDON — The Obama administration has a doctrine. It’s called the doctrine of silence. A radical shift from President Bush’s war on terror, it has never been set out to the American people. There has seldom been so big a change in approach to U.S. strategic policy with so little explanation.

I approve of the shift even as it makes me uneasy. One day, I suspect, there may be payback for this policy and this silence. President Obama has gone undercover.

You have to figure that one day somebody sitting in Tehran or Islamabad or Sana is going to wake up and say: “Hey, this guy Obama, he went to war in our country but just forgot to mention the fact. Should we perhaps go to war in his?”

In Iran, a big explosion at a military base near Tehran recently killed Gen. Hassan Tehrani Moghaddam, a central figure in the country’s long-range missile program. Nuclear scientists have perished in the streets of Tehran. The Stuxnet computer worm has wreaked havoc with the Iranian nuclear facilities.

It would take tremendous naïveté to believe these events are not the result of a covert American-Israeli drive to sabotage Iran’s efforts to develop a military nuclear capacity. An intense, well-funded cyberwar against Tehran is ongoing.

Simmering Pakistani anger over a wave of drone attacks authorized by Obama has erupted into outright rage with the death of at least 25 Pakistani soldiers in a NATO attack on two military outposts near the Afghan border.

The Pakistani government has ordered the Central Intelligence Agency to end drone operations it runs from a base in western Pakistan within 15 days. Drone attacks have become the coin of Obama’s realm. They have killed twice as many suspected Taliban and Al Qaeda members as were ever imprisoned in Guantánamo.

One such drone attack, of course, killed an American citizen, the Al Qaeda propagandist Anwar al-Awlaki, in Yemen a few weeks ago.

The U.S. government says precious little about these new ways of fighting enemies. But the strategic volte-face is clear: America has decided that conventional wars of uncertain outcome in Iraq and Afghanistan that may, according to a Brown University study, end up costing at least $3.7 trillion are a bad way to fight terrorists and that far cheaper, more precise tools for eliminating enemies are preferable — even if the legality of those killings is debatable.

The American case for legality rests on the 2001 Authorization for Use of Military Force act, which allows the president to use “all necessary and appropriate force” against persons, organizations or nations linked to the 9/11 attack, and on various interpretations of the right to self-defense under international law.

But killing an American citizen raises particular constitutional concerns; just how legal the drone attacks are remains a vexed question. And Iran had no part in 9/11.

In general, it’s hard to resist the impression of a tilt toward the extrajudicial in U.S. foreign policy — a kind of “Likudization” of the approach to dealing with enemies. Israel has never hesitated to kill foes with blood on their hands wherever they are.

This is a development about which no American can feel entirely comfortable.

So why do I approve of all this? Because the alternative — the immense cost in blood and treasure and reputation of the Bush administration’s war on terror — was so appalling. In just the same way, the results of a conventional bombing war against Iran would be appalling, whether undertaken by Israel, the United States or a combination of the two.

Political choices often have to be made between two unappealing options. Obama has done just that. He has gone covert — and made the right call.

So why am I uneasy? Because these legally borderline, undercover options — cyberwar, drone killings, executions and strange explosions at military bases — invite repayment in kind, undermine the American commitment to the rule of law, and make allies uneasy.

Obama could have done more in the realm of explanation. Of course he does not want to say much about secret operations. Still, as the U.S. military prepares to depart from Iraq (leaving a handful of embassy guards), and the war in Afghanistan enters its last act, he owes the American people, U.S. allies and the world a speech that sets out why America will not again embark on this kind of inconclusive war and has instead adopted a new doctrine that has replaced fighting terror with killing terrorists. (He might also explain why Guantánamo is still open.)

Just because it’s impossible to talk about some operations undertaken within this doctrine does not mean the entire doctrine can remain cloaked in silence.

Foreign policy has been Obama’s strongest suit. He deserves great credit for killing Osama bin Laden, acting for the liberation of Libya, getting behind the Arab quest for freedom, winding down the war in Iraq, dealing repeated blows to Al Qaeda and restoring America’s battered image.

But the doctrine of silence is a failing with links to his overarching failure on the economy: it betrays a presidential reticence, coolness and aloofness that leave Americans uncomfortable.

    Doctrine of Silence, NYT, 28.11.2011







Privacy May Be a Victim in Cyberdefense Plan


June 13, 2009
The New York Times


WASHINGTON — A plan to create a new Pentagon cybercommand is raising significant privacy and diplomatic concerns, as the Obama administration moves ahead on efforts to protect the nation from cyberattack and to prepare for possible offensive operations against adversaries’ computer networks.

President Obama has said that the new cyberdefense strategy he unveiled last month will provide protections for personal privacy and civil liberties. But senior Pentagon and military officials say that Mr. Obama’s assurances may be challenging to guarantee in practice, particularly in trying to monitor the thousands of daily attacks on security systems in the United States that have set off a race to develop better cyberweapons.

Much of the new military command’s work is expected to be carried out by the National Security Agency, whose role in intercepting the domestic end of international calls and e-mail messages after the Sept. 11, 2001, attacks, under secret orders issued by the Bush administration, has already generated intense controversy.

There is simply no way, the officials say, to effectively conduct computer operations without entering networks inside the United States, where the military is prohibited from operating, or traveling electronic paths through countries that are not themselves American targets.

The cybersecurity effort, Mr. Obama said at the White House last month, “will not — I repeat, will not — include monitoring private sector networks or Internet traffic.”

But foreign adversaries often mount their attacks through computer network hubs inside the United States, and military officials and outside experts say that threat confronts the Pentagon and the administration with difficult questions.

Military officials say there may be a need to intercept and examine some e-mail messages sent from other countries to guard against computer viruses or potential terrorist action. Advocates say the process could ultimately be accepted as the digital equivalent of customs inspections, in which passengers arriving from overseas consent to have their luggage opened for security, tax and health reasons.

“The government is in a quandary,” said Maren Leed, a defense expert at the bipartisan Center for Strategic and International Studies who was a Pentagon special assistant on cyberoperations from 2005 to 2008.

Ms. Leed said a broad debate was needed “about what constitutes an intrusion that violates privacy and, at the other extreme, what is an intrusion that may be acceptable in the face of an act of war.”

In a recent speech, Gen. James E. Cartwright, vice chairman of the Joint Chiefs of Staff and a chief architect of the new cyberstrategy, acknowledged that a major unresolved issue was how the military — which would include the National Security Agency, where much of the cyberwar expertise resides — could legally set up an early warning system.

Unlike a missile attack, which would show up on the Pentagon’s screens long before reaching American territory, a cyberattack may be visible only after it has been launched in the United States.

“How do you understand sovereignty in the cyberdomain?” General Cartwright asked. “It doesn’t tend to pay a lot of attention to geographic boundaries.”

For example, the daily attacks on the Pentagon’s own computer systems, or probes sent from Russia, China and Eastern Europe seeking chinks in the computer systems of corporations and financial institutions, are rarely seen before their effect is felt inside the United States.

Some administration officials have begun to discuss whether laws or regulations must be changed to allow law enforcement, the military or intelligence agencies greater access to networks or Internet providers when significant evidence of a national security threat was found.

Ms. Leed said that while the Defense Department and related intelligence agencies were the only organizations that had the ability to protect against such cyberattacks, “they are not the best suited, from a civil liberties perspective, to take on that responsibility.”

Under plans being completed at the Pentagon, the new cybercommand will be run by a four-star general, much the way Gen. David H. Petraeus runs the wars in Afghanistan and Iraq from Central Command in Tampa, Fla. But the expectation is that whoever is in charge of the new command will also direct the National Security Agency, an effort to solve the turf war between the spy agency and the military over who is in charge of conducting offensive operations.

While the N.S.A.’s job is chiefly one of detection and monitoring, the agency also possesses what Michael D. McConnell, the former director of national intelligence, called “the critical skill set” to respond quickly to cyberattacks. Yet the Defense Department views cyberspace as its domain as well, a new battleground after land, sea, air and space.

The complications are not limited to privacy concerns. The Pentagon is increasingly worried about the diplomatic ramifications of being forced to use the computer networks of many other nations while carrying out digital missions — the computer equivalent of the Vietnam War’s spilling over the Cambodian border in the 1960s. To battle Russian hackers, for example, it might be necessary to act through the virtual cyberterritory of Britain or Germany or any country where the attack was routed.

General Cartwright said military planners were trying to write rules of engagement for scenarios in which a cyberattack was launched from a neutral country that might have no idea what was going on. But, with time of the essence, it may not be possible, the scenarios show, to ask other nations to act against an attack that is flowing through their computers in milliseconds.

“If I pass through your country, do I have to talk to the ambassador?” General Cartwright said. “It is very difficult. Those are the questions that are now really starting to emerge vis-à-vis cyber.”

Frida Berrigan, a longtime peace activist who is a senior program associate at the New America Foundation’s arms and security initiative, expressed concerns about whether the Obama administration would be able to balance its promise to respect privacy in cyberspace even as it appeared to be militarizing cybersecurity.

“Obama was very deliberate in saying that the U.S. military and the U.S. government would not be looking at our e-mail and not tracking what we do online,” Ms. Berrigan said. “This is not to say there is not a cyberthreat out there or that cyberterrorism is not a significant concern. We should be vigilant and creative. But once again we see the Pentagon being put at the heart of it and at front lines of offering a solution.”

Ms. Berrigan said that just as the counterinsurgency wars in Iraq and Afghanistan had proved that “there is no front line anymore, and no demilitarized zone anymore, then if the Pentagon and the military services see cyberspace as a battlefield domain, then the lines protecting privacy and our civil liberties get blurred very, very quickly.”

    Privacy May Be a Victim in Cyberdefense Plan, NYT, 13.6.2009






Pentagon Cyber Command to Create Force for Future


May 5, 2009

Filed at 4:08 a.m. ET

The New York Times



WASHINGTON (AP) -- The U.S. military must reorganize its offensive and defensive cyber operations and will use a new command at a Maryland Army facility to create a digital warfare force for the future, the director of the National Security Agency says.

Lt. Gen. Keith Alexander, also the Pentagon's leading cyber warfare commander, said the U.S. is determined to lead the global effort to use computer technology to deter or defeat enemies, while still protecting the public's constitutional rights.

In testimony prepared for delivery Tuesday to a House Armed Services subcommittee, Alexander and other military leaders in cyber matters outlined the challenges to keeping up with rapidly changing technologies and the need for more resources and training. In blunt comments, Alexander acknowledged that cyber training for the Pentagon's work force is inadequate and must be improved.

In separate prepared testimony, Lt. Gen. William Shelton, the Air Force's chief of warfighting integration, said the Pentagon relies heavily on industry efforts to respond to cyber threats. That approach, he said, does not keep pace with the threat.

The testimony comes as the Obama administration prepares to release its review of the nation's cybersecurity, and on the heels of a critical report by the National Research Council. The independent group's report concluded that the government's policies on how and when to wage cyber warfare are ill-formed, lack adequate oversight and require a broad public debate.

Alexander said the military's new cyber command at Fort Meade, Md., will be a sub-unit of U.S. Strategic Command, and would be designed to ''defend vital networks and project power in cyberspace.''

Defense Department networks are probed repeatedly every day and the number of intrusion attempts has more than doubled recently, officials have said.

Military leaders said earlier this month that the Pentagon spent more than $100 million in the past six months responding to and repairing damage from cyber attacks and other computer network problems.


On the Net:

Defense Department: http://www.defenselink.mil

    Pentagon Cyber Command to Create Force for Future, NYT, 5.5.2009






Preparing for cyber war: Bernd Debusmann


Wed Mar 19, 2008, 11:07am EDT


By Bernd Debusmann

(Bernd Debusmann is a Reuters columnist. The opinions expressed are his own)

WASHINGTON (Reuters) - At the height of the Cold War, a Soviet oil pipeline blew up in an explosion so huge that the American military suspected a nuclear blast. A quarter of a century later, the incident serves as an object lesson in successful cyber warfare.

The pipeline blew up, with disastrous consequences for the Soviet economy, because its pumps, valves and turbines were run by software deliberately designed to malfunction. Made in the U.S. and doctored by the CIA, it passed into Soviet hands in an elaborate game of deception that left them unaware they had acquired "bugged" software.

"The pipeline software...was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds. The result was the most monumental non-nuclear explosion ever seen from space," Thomas C. Reed, a former air force secretary, wrote in his 2004 memoir.

The pipeline explosion was probably the first major salvo in what has since become known as cyber warfare. The incident has been cropping up in increasingly urgent discussions in the U.S. on how to cope with attacks on military and civilian computer networks and control systems - and how and when to strike back.

Air traffic control, power plants, Wall Street trading systems, banks, traffic lights and emergency responder communications could all be targets of attacks that could bring the U.S. to its knees. As Michael McConnell, the Director of National Intelligence, put it in recent testimony to a Senate committee:

"Our information infrastructure - including the Internet, telecommunications networks, computer systems and embedded processors and controllers in critical industries - increasingly is being targeted...by a growing array of state and non-state adversaries." Cyber attacks, he said, had grown more sophisticated and more serious.

The Pentagon says it detects three million attempts to infiltrate its computer networks every day. There are no estimates of how many probes are successful but last year the Pentagon had to take 1,500 computers off line because of a concerted attack from unknown hackers.



How tight are the U.S. government's defenses? Not very, according to the Government Accountability Office, the audit and investigative arm of the U.S. Congress. In a report last week, it said an audit of 24 government agencies - including Defense and Homeland Security - had shown that "poor information security is a widespread problem with potentially devastating consequences."

Striking back at cyber attackers poses a raft of tricky questions, chiefly because cyber war cannot be waged without involving civilians. Private companies own more than 80 percent of the infrastructure McConnell talked about and without close public-private coordination, effective counter-strikes are next to impossible.

"Unlike traditional defense categories (i.e. land, sea and air), the military capabilities required to respond to an attack on U.S. infrastructure will necessarily involve infrastructure owned and operated by the private sector," according to Jody R. Westby, CEO of the Washington consulting firm Global Cyber Risk and a champion of better public-private coordination to cope with cyber attacks. (http://www.globalcyberrisk.com/Pubs_psc.htm)

Coordination between the military and civilians has yet to be tested. The military stayed away from an exercise this month that brought together experts from the U.S., Canada, Britain, New Zealand and Australia, 18 U.S. federal agencies and around 40 companies, including Microsoft and Cisco Systems. The game featured mock attacks against computer networks, pipelines and railroads.

(The exercise was described as the biggest of its kind. But "big" is relative. To get the scale into perspective: There are 233 countries connected to the Internet today, with an estimated 1.2 billion users. More than 120 countries are estimated to be developing cyber warfare capabilities).

As things stand, could the U.S. or its allies become victim of an attack similar to the Soviet pipeline blast? Probably yes. The threat comes from China, which has been placing heavy emphasis on what it calls "informationized war," and a motley array of hackers and terrorists.

Among the most potent weapons in their arsenal: "bots," malicious software robots that are the digital equivalent of terrorist sleeper cells that lie dormant for months or years before springing into destructive action. In testimony to Congress, Homeland Security's top scientist on cyber security, W. Douglas Maughan, has said that there is currently no effective antidote to bots.



How much damage could they do? Here is a scenario drawn from an interview with Westby, who is a member of the World Federation of Scientists' Permanent Monitoring Panel on Information Security. Her outline is based on the assumption that China has already implanted bots in millions of public and private computer systems.

"Bot herders" around the world unleash their malicious software bots to attack U.S. government, financial, oil and gas systems. One early victim: the U.S. Department of Commerce, which loses all communications because its internet and telephone communications use Voice over Internet Protocol networks. That means if the Internet goes down, all communications go down.

As Commerce is cut off, the U.S. collection point for inter-bank financial transactions discovers that bogus data are being inserted from both the sending and confirming side of the SWIFT (Society for Worldwide Interbank Financial Telecommunication) system. Chaos ensues in financial markets.

The New York Stock Exchange shuts down after massive "denial of service" attacks similar to those that last year forced Estonia to close down websites run by government ministries, banks and telecommunications companies.

At the same time, systems controlling the valves of oil and gas pipelines come under attack as bogus instructions override system controls and false data is sent to control room screens. The pipelines are shut. Some explode. There are casualties.

The government decides it must block the malicious traffic and come to the assistance of the financial, gas and oil companies under cyber attack. This involves deploying classified solutions and counter attacks through the networks of various U.S. communication providers.

The problem: There is no agreement between the Pentagon and the private sector on transferring private networks to military control. Owners are reluctant to turn over their systems to the military for fear their networks and their reputation might be damaged as a result of cyber war actions not under their control. The problem could be solved by the government declaring martial law, a step it is hesitant to take.

And what about the foreign-owned networks that would have to be used to launch an effective counter attack? Does the U.S. have to ask permission before sending cyber war actions across foreign networks? Would NATO have to be involved? (The 50-year-old treaty does not cover cyber warfare). Should the U.N. charter be amended to apply to cyber war rather than only "armed attacks?"

These are all questions that require urgent answers if the U.S., more dependent on computers and the Internet than most countries, wants to protect what a writer in the latest issue of the Armed Forces Journal aptly describes as "America's digital Achilles' heel."


(Editing by Sean Maguire)

    Preparing for cyber war: Bernd Debusmann









