Unlike the last few mega-leaks, this one’s not aimed at glorifying Obama’s James Bond-ian counterterrorist kung fu. In fact, Obama’s name doesn’t appear in the piece; it’s Bush who’s given credit for developing the Flame/Stuxnet program to sabotage Iranian nukes.
Ace blames the leakers for revealing all the nifty things that Flame can do but I think we already knew all the details in WaPo’s piece from that Russian cybersecurity firm that went public about the virus a few weeks ago. The point here isn’t to spill the beans about Flame’s capabilities, it’s — as Ace says — to blame Israel for the virus’s discovery.
And it’s not the first time that that’s happened.
The United States and Israel jointly developed a sophisticated computer virus nicknamed Flame that collected critical intelligence in preparation for cyber-sabotage attacks aimed at slowing Iran’s ability to develop a nuclear weapon, according to Western officials with knowledge of the effort…
Flame came to light last month after Iran detected a series of cyberattacks on its oil industry. The disruption was directed by Israel in a unilateral operation that apparently caught its U.S. partners off guard, according to several U.S. and Western officials, speaking on the condition of anonymity…
Despite their collaboration on developing the malicious code, the United States and Israel have not always coordinated attacks. Israel’s April assaults on Iran’s Oil Ministry and oil export facilities caused only minor disruptions. The episode led Iran to investigate and ultimately discover Flame…
Some U.S. intelligence officials were dismayed that Israel’s unilateral incursion led to the discovery of the virus, prompting countermeasures.
If that sounds familiar, that’s because Israel also took the blame for the damaging code error in Stuxnet in the NYT’s June 1 story on how President Awesome ordered the cybersabotage program to be accelerated:
An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.
“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”
Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”
Bona fide Israeli errors, ass-covering by U.S. politicians for major mistakes, or both? Before you answer that, consider the other big news buried in today’s WaPo piece: According to one “former high-ranking U.S. intelligence official,” Flame and Stuxnet were designed to prepare the battlefield for “another type of covert action.” Actual quote: “Cyber collection against the Iranian program is way further down the road than this.” WaPo goes so far as to confirm that new, even more advanced cyberweapons have been developed. Which prompts the question: If the point of all the leaking lately is to run a psy op on Iran designed to drive them to total paranoia about the security of their networks (assuming they haven’t reached that point already), why all the fingerpointing at Israel? The psychological effect would be more pronounced, I’d think, if Iran thought the U.S. and Israel were acting perfectly in concert. Conversely, if the U.S. is trying to set up a good cop/bad cop dynamic for negotiating purposes with Iran in which Israel is the “rogue actor” and the U.S. more restrained, why admit to participating in the cybersabotage program in the first place? Why not say that the program’s wholly owned and operated by Israel? The west is in the middle of negotiations with Iran over its nuclear program; the more you admit to penetrating their computers and destroying their equipment, the more face the regime will lose with Iranians if it ends up making a deal. (Granted, the odds of a deal are vanishingly small, but why make them smaller?)
Long story short, we’re running a totally awesome cyberpenetration campaign with another country, but we don’t quite trust that other country’s part in the cyberpenetration campaign and, for some reason, we really want our enemies to know that. Huh. Exit question: What does all this cyberespionage mean for a possible Israeli bombing run at Iran’s nuclear facilities? Does it mean an attack is more likely, since by now Israel surely knows much more about potential targets and air defenses than Iran thinks it knows? Or does it mean an attack is less likely because the cyberweapons now in use are sufficiently sophisticated that the U.S. and Israel can now somehow shut down the program remotely, as they originally tried to do with Stuxnet?