January 18-19, 2011 — Stuxnet: a violation of US computer security law, by Wayne Madsen
If a January 15 report in The New York Times, which has a dubious past in reporting on computer security and hacking issues, is true — that the United States Department of Homeland Security, Department of Energy — via the Idaho National Laboratory — Siemens (which has a long-standing intelligence relationship with the National Security Agency), the CIA, Britain’s intelligence services, Germany, and Israel’s Mossad cooperated to develop the Stuxnet computer worm to disable Iranian nuclear program centrifuges, the U.S. government violated a number of federal computer security laws that prohibit the development of malicious computer programs that damage ″federal interest″ computers. The Stuxnet worm, which, according to the Times, was tested at Israel’s Dimona nuclear weapons development facility in the Negev, not only infected Iranian nuclear program computers but spread to computers in other countries, including the United States. Stuxnet code was discovered through computer forensics to contain key words from the Jewish Old Testament Book of Esther, further establishing Israeli fingerprints on the malicious code. The malicious code’s file name, Myrtus, is the Hebrew word for Esther. According to myth, Esther saved the Jews from a Persian plot to exterminate them.
The New York Times article by William Broad, John Markoff, and David Sanger, three reporters who have their own questionable ties to Israeli interests, states that when Stuxnet first appeared around the world in June last year, it did little harm and did not slow computer networks. However, this is merely an attempt to let the U.S. and Israeli governments off the hook by falsely claiming that the only damage done by Stuxnet was to the centrifuge systems used by Iran to enrich uranium. Although Stuxnet likely did disable Iran’s centrifuges, causing a set-back to its nuclear program, the Stuxnet worm, contrary to The New York Times report, resulted in computer down time and disruption far beyond Iran. The disruption by a digital version of a U.S. and Israeli military first strike makes the United States government and Israel civilly liable for the damage and disruption caused by Stuxnet. [Read more…]