Massive cyber attack on Iran came from U.S., report says

By Michelle Maltais

June 1, 2012 12 AM PT

It reads like a riveting sci-fi novel, but it’s stunningly real: A super-sophisticated malicious computer virus burrowed its way into Iran’s nuclear facilities and took down several parts of the operation. Oh, and it apparently came from us.

In 2010, it was the U.S. who launched Stuxnet, a seek-and-destroy cyber missile so sophisticated that some briefly thought it might have an other-than-earthly origin, against Iran’s nuclear infrastructure, according to a New York Times report. The virus was, in fact, created jointly by the U.S. and Israel.

In his first months in office, President Obama covertly ordered sophisticated attacks on the computers that ran Iran’s nuclear facilities, upping U.S. use of cyber weaponry in a sustained attack, the newspaper said.

Early on, a programming error allowed the worm to escape Iran’s Natanz plant and whoosh around the world on the Internet.

“Should we shut this thing down?” Obama asked, members of his national security team who were in the room told the paper.

Ultimately, the super worm was left to wreak its havoc, and it took out 1,000 of 5,000 centrifuges Iran was using to enhance uranium, according to the report. It was as effective as a bomb or agents infiltrating a country’s nuclear facilities to plant explosives, the report said.

German cyber-security expert Ralph Langner found the worm in 2010. As his team dug deeper into the code, “each new discovery left them more impressed and wondering what was coming next,” he told NPR. The sophistication of the worm “seemed almost alien.” But it was, indeed, decidedly terrestrial in nature.

Only recently has the government acknowledged developing cyber-weapons, though it has never admitted deploying them.

Now efforts are underway to decipher the origins of another malicious program experts believe is part of government-sponsored cyber warfare and intelligence gathering. Again, Iran is the target.

As the Los Angeles Times’ Sergei L. Loiko wrote earlier this week, computer virus experts at Russia’s Kaspersky Lab came across this malware while searching for a villain dubbed the Wiper.

“We entered a dark room in search of something and came out with something else in our hands, something different, something huge and sinister,” Vitaly Kamlyuk, a senior antivirus expert at Kaspersky Lab, said in an interview.

Flame, as it’s called, can copy and steal data and audio files, turn on a computer microphone and record all the sounds nearby, take screen shots, read documents and emails, and capture passwords and logins.

The program can communicate with other computers in its vicinity through the infected computer’s Bluetooth and locate them even without an Internet connection, Kamlyuk said.

“Many people still think that cyber warfare is a myth and a fantasy, but as we reassemble and study one by one the numerous components and modules of this unique program we see that it is a real weapon of this undeclared war that is already going on.”

Russia computer experts who detected Flame malware issue warning

Follow Michelle Maltais on Google+, Facebook or Twitter