The creators of Stuxnet seem to believe that they will not suffer any consequences for their deviltry. It is almost impossible to trace the worm to its original source. So the victims can’t even know for sure who their enemy is. Besides, if the culprit is Israel it has a formidable defense in place to protect its own military and nuclear facilities (a lesson apparently not learned by the Iranians) and so presuably it would be extremly difficult to inflict similar damage.
Iranian sources have confirmed what the world already knew, that the malware has targeted nuclear plants (probably Bushehr or even more likely Natanz). In fact, a knowledgeable Iranian source admits that Stuxnet is still percolating and even “mutating” through Iranian computer systems. Good news for non-Iranians infected with it is that it seems to able to distinguish its target computers from others and behaves benignly in non-Iranian systems. One Iranian source claimed preposterously that Stuxnet has not caused any serious damage inside Iran. Given the sabotage caused to Natanz’s centrifuge system in the past year and the extraordinary delays in the construction of the Bushehr reactor, that claim is simply not credible. It should be viewed as an attempt to conceal the effect of the worm as it would be in the interest of Iran’s nuclear industry to do.
A Reuters report speculates on how Iran might take revenge on those who devised Stuxnet. It notes that Israel’s vulnerabilities may lie rather through Iran’s allies in Lebanon than in a direct assault on Dimona or similar facilities:
In the short term, intelligence experts believe Tehran’s priority will be trying to identify the source of the attack and examining how the worm was uploaded onto its systems. “The Iranian internal security and counterintelligence departments will need to nail down the culprits first, then work out how to turn the tables,” said Fred Burton, a former U.S. counterintelligence expert who is now vice president of political risk consultancy Stratfor.
In the short term, intelligence experts believe Tehran’s priority will be trying to identify the source of the attack and examining how the worm was uploaded onto its systems. “The Iranian internal security and counterintelligence departments will need to nail down the culprits first, then work out how to turn the tables,” said Fred Burton, a former U.S. counterintelligence expert who is now vice president of political risk consultancy Stratfor.
Some analysts suggest Iran might like to retaliate with a cyber attack against Israel or the West — although there are question marks over its capability to do so.“I don’t think we can expect much in the way of retaliatory cyber attacks,” said regional analyst Jessica Ashooh. “The Iranians simply don’t have the technical capacity to do anything similar to properly protected systems — as evidenced by the very hard time they are having controlling and quarantining this attack.”
Nevertheless, experts say Iran has made improving its cyber espionage capability a priority — and will probably aim to grow these resources further in the years to come.
The risk, some worry, is that Iran might be tempted to either intensify its own nuclear program or target the West’s own nuclear installations in return.
“How prepared are we all for this and could this set in motion a deadly game that catalyses a nuclear programme no one intended to engage in?” said Mark Fitt, managing director of N49 Intelligence, a firm that advises businesses in the Middle East.
In terms of a more conventional response, Iran could potentially act through proxies such as Hezbollah in Lebanon and Hamas in Gaza, as well as insurgents in Iraq and Afghanistan.
…Analysts say the Stuxnet attack is an early insight into the form state conflict may take in the 21st century.
“It’s by no means a one-off — I think we’ll see much more of this,” said Ian Bremmer, president of political risk consultancy Eurasia Group.
One thing that anyone who’s an honest observer of the Israeli-Arab conflict over the years has learned is that what goes around comes around. Israel tends to behave as if it is omnipotent and pays no attention to blowback as if there couldn’t possibly be any. But there inevitably is. After all, what is the entire history of the Israeli-Palestinian conflict but one long list of grievances unaddressed. It is the personification of justice delayed and denied. There will be consequences from Stuxnet. They may not happen this week or next. But as sure as I’m typing this, there will be. And when Israel is called to pay the piper you will heal howls of anger and victimhood from Israel at how it is made to suffer by its enemies while it remains blameless. This is the strange Israeli calculus of victimhood.
Moving to a different subject, at an Israeli internet forum frequented by military and intelligence specialists, one knowledgeable member noted that Israel has the capacity to introduce a great deal of mayhem into the world’s computer and security systems through its military industrial company, Rafael. This company is one of the world’s major suppliers of military-industrial technology to western (and even Arab) nations. It is plausible that it would have designed “back-doors” into such systems which could be exploited at a propitious moment. And further, it does maintenance and repairs on a great deal of such equipment and has the ability to tinker with it then as well.
Rafael even demanded before its products were shipped that any markings identifying its components as Israeli be erased so as not to arouse undue suspicion in the recipients of its products.
Rafael products and components are even now believed to be used in Arab countries though likely without the knowledge of those countries.
Another thing that seams true is that every Israeli PR disaster ends with the Arab side mysteriously weaker, as if somehow, offended liberal opinion actually does not matter in the real contest of arms.
Guys, its hilarious to see the number of words written on the STUXNET malarkey. as reported this warm has been in place for more then a year now, and i’m sure that those who developed it have new versions and other tools in place already. You Richard by are actually serving the Israeli purpose by focusing people’s attention onto old news.
as for backdoors in code… many years ago Israel hired an American company to write part of the arrow defense system code, the American company in its turn hired an Egyptian company, in short the code that was delivered back to Israel was full with back doors.
No, actually it’s you who’s serving Israel’s purpose by pooh-poohing research that invetigates Israel cyberwarfare capabilities. You clearly don’t want anyone to think Israel is doing anything special or worth taking seriously which is pure bulls(&t.
Well Israel does its best exaggerate its technological level. This decades long overstating and propaganda has made even those critical towards Israeli policies to believe that Israel is something very special with its in the level of technology.
Some months ago an Israeli (critical to occupation) claimed that Israel is a nation that registers the 2nd most patents in the U.S each and every year. I got curious and checked is it really so. The claim is simply not true. With patent applications and granted patents Israel is not even near the top.
http://www.uspto.gov/web/offices/ac/ido/oeip/taf/cst_utl.htm
http://www.epo.org/about-us/office/statistics/patent-granted.html
If we compare Israel to other industrialized countries like Sweden, Finland, Netherlands, Germany etc Israel is not the “leading” industrial power (not even “per capita” estimated)w ith the level of technology in different industries or with the level of R&D. The only field where Israel is number one is the amount of self praise and exaggeration (=propaganda).
One example of the much exaggerated Israeli weapon technology is the rather limited list of Israeli military equipment used by US Army.
http://en.wikipedia.org/wiki/Israel_%E2%80%93_United_States_military_relations
You didn’t understand what i was getting at:
1. STUXENT was reported as early as the beginning of 2009.
2. in the hi-tech world a year is a long time, during that time who ever developed this warm has acquired more information from the data its sent, and developed more sophisticated tools.
3. the sudden PR about that warm (providing it’s coming from Israel) is to hide other stuff out there, it’s the oldest trick in the book, you expose an old asset to gain a new one.
It’s WORM, not “warm.”
So big guy, instead of mouthing off why don’t you actually try to uncover what the latest asset is instead of pouring cold water on the honest efforts of experts far better informed than you. YOu’d have a bit more credibility when you can actually articulate something useful and valuable in the whole field of Israeli cyber warfare. Until you do that you’re little more than a shill.
Analyzer kind of has a point. Stuxnet was revealed in early 2009 on a number of tech blogs around the world and thus was likely coded in 2008. Just think about how many updates WordPress has had in that time and it ought to give you an idea of how relatively ancient the code used in Stuxnet is and how much more information the creators of the virus now have at their disposal. Uncovering the latest asset would be a nearly impossible task for anyone other than a well funded team of coders and even then… Again, Analyzer may have a point about this all being a well executed disinformation campaign. Is it the Iranians trying to cloud assessments of their nuclear progress? I mean just because Bushehr may have been compromised do we really know that Natanz was? Or is it the Israelis/US focusing attention on Stuxnet in order to distract the Iranians from Stuxnet II? Or Stuxnet III even? This sort of conjecture is just as valid as any of the conjectures made by the cited experts, none of whom have first hand information about the situation. One has to wonder why there is only now a sudden massive spike in chatter about a virus that was first discovered over a year ago.