Story

How a Secret Cyberwar Program like Stuxnet Worked

Programmers at the National Security Agency and in the Israeli military created a series of worms to attack the computers that control Iran’s nuclear enrichment center at Natanz. The attacks were repeated for several years, and each time the programs varied to make them difficult to detect. One of the variants escaped from Natanz and became public.

Steps

1. Programmers at the National Security Agency and in the Israeli military write a “beacon” program that can map out the workings of the plant.

2. The program is introduced into a controller computer at the plant, possibly by an unwitting plant worker.

3. The program collects information on how the plant’s computers are configured and transmits that data back to the intelligence agencies.

4. Using that data, the programmers design a complex “worm” program to disrupt the plant.

5. Through several methods, the new program is introduced into the plant’s computer controllers, which run thousands of centrifuges.

6. The worm takes over the operation of some centrifuges and causes them to spin too fast or too slowly. They become unbalanced, and in some cases explode.

7. New variants of the worm are created, each causing a slightly different failure in the plant’s operations. Some mimic mechanical failures common to the centrifuges.

8. The Iranians, alerted to what happened, take measures to

secure the plant. But new attacks are being designed.

9. Go back to step one.

Timeline: From Inception to a Leak

2006

Iran resumes uranium enrichment at Natanz after negotiations with European and American officials flounder. United States military and intelligence officials propose a top-secret cyberwar program against Iran’s nuclear enrichment program.

2007 The program begins in earnest, eventually known by the code name Olympic Games. A virtual replica of the Natanz plant is built at American national laboratories. The United States joins Israel in developing a sophisticated computer worm.

2008

Centrifuges begin crashing at Natanz, the crown jewel of the Iranian nuclear program. Engineers at the plant have no clue that the facility is under attack. The initial breakdowns are designed to seem like small random accidents, with code variations that prompt different breakdowns.

2009

Accounts that President Bush approved new ways to undermine the Iranian program, including cyberattacks, appear just as his administration is leaving office. In a private meeting, Mr. Bush urges President-elect Obama to continue Olympic Games, telling him the program could mean the difference between peace and war. Mr. Obama begins reviewing the plans, and he is given updates every few weeks with the results of attacks.

Spring 2010

The National Security Agency and Israel’s secretive Unit 8200 decide to swing for the fences. They target a critical array of centrifuges composed of nearly 1,000 machines, whose failure would be a huge setback to Iran. A special version of the computer worm is developed, with the Israelis putting the finishing touches on the program.

Summer 2010

The creators of the bug realize that copies of the worm have escaped Natanz and are available on the Internet, where they are replicating quickly. In a few weeks, articles appear in the technical press, and then in mainstream newspapers, about a mysterious new computer worm carried on USB keys that exploits a hole in the Windows operating system. The worm is named Stuxnet. Obama decides not to kill the program, and a subsequent attack takes out nearly 1,000 Iranian centrifuges, nearly a fifth of those operating.

Late 2010-11

After a dip in 2010, Iranian production recovers. The Untied States estimates that Olympic Games delayed Iran’s progress toward a weapons capability by a year and a half or two years. Others dispute the estimate, saying it overstates the effect.

2011-12

With the program still running, intelligence agencies in the United States and Israel seek out new targets that could further slow Iran’s progress.