Expert: Stuxnet Just Latest in U.S. Hacks of Covert Nuke Programs

Type threatpost
Reporter Paul Roberts
Modified 2013-04-17T16:35:20


CORRECTION: This article originally included the incorrect name for an associate of A.Q. Khan. The correct name of the associate is “Friedrich Tinner,” a Swiss nuclear engineer. The name has been corrected in the article.

_The author of a new book on the evolution of the world’s first nuclear black market says that Stuxnet is just the latest in a long string of efforts by the U.S. and its allies to slow or stop the creation of nuclear programs by rogue nations._

Stuxnet, the world’s most famous industrial malware, has spurred questions and controversy. Who created it? What was its purpose? And did it work? But a new book out by journalists Catherine Collins and Douglas Frantz claims that Stuxnet was just the latest in a string of covert efforts by the U.S. and its allies to sabotage the nuclear programs of rogue nations, and may have been necessary because of the failure of earlier sabotage attempts.

Their book, “Fallout: The True Story of the CIA’s Secret War on Nuclear Trafficking,” examines the U.S.’s investigation of A.Q. Khan, the father of Pakistan’s nuclear weapons program and of an extensive black market in nuclear materials. Among the pages of this fascinating account of Khan’s rise and the CIA’s decades-long surveillance of his secretive network are some interesting tidbits that shed light on the possible origins of the Stuxnet worm.

Khan’s network was a critical supplier of nuclear equipment to the regimes in North Korea, Libya and Iran that wanted to build nuclear weapons programs out of sight of international watchdogs and regulators. Among other things, Khan supplied the Iranian leadership with centrifuges used to enrich uranium that could be used to build a nuclear weapon. Those same centrifuges, we now know, were the primary target of the Stuxnet worm, which is believed to have disabled a good part of Iran’s nuclear enrichment operation and set the country’s progress towards a bomb back by years.

In an interview for the National Public Radio program Fresh Air, Frantz – a former managing editor of the Los Angeles Times and now chief investigator for the Senate Foreign Relations Committee – said that the U.S. and its allies had been intercepting, analyzing and tampering with critical technologies used by nations like Libya and Iran for years.

According to Frantz, the CIA, working with scientists and engineers at the Department of Energy, started a program to buy, reverse engineer and tamper with critical technology needed to refine and enrich uranium, including vacuum pumps, electric regulators and critical centrifuge components. According to Frantz, in the case of the vacuum pumps, the CIA purchased the pumps from a German manufacturer and had them sent to Los Alamos, where a U.S. scientist, dubbed “The Mad Scientist” by the CIA, reverse engineered the devices and reprogrammed them to explode at a predefined pressure. Those altered parts were then passed on to Iran and Libya. The CIA did the same with electric regulators, manufactured in Turkey, that were passed on to Iran and Libya. Finally, the CIA asked a Khan associate, Friedrich Tinner, to manufacture minute flaws into centrifuge parts so that they wouldn’t operate properly in production.

Of course, that program had some consequences. While Frantz acknowledges that the altered parts did hamper the progress of those programs, in the case of Iran, he says that engineers were able to work around the CIA’s tampering and continue to use the critical components that the U.S. had allowed to be shipped – components that the U.S. would otherwise have gone to great lengths to prevent Iran from acquiring. According to Frantz, the creation of the Stuxnet worm became necessary because Iran had overcome earlier efforts at sabotaging the centrifuges and was making steady progress toward assembling the fuel necessary to make a bomb.

Frantz’s account of the CIA’s efforts to derail budding nuclear programs in Libya and Iran over the last two decades dovetails with recent disclosures about the origins of the Stuxnet worm that suggest that critical intelligence that enabled the worm to manipulate programmable logic controllers (PLCs) used by Iran had come from the U.S. Frantz’s discussion of the sabotage operation and his reference to the motivation to create Stuxnet come at around the 17:00 minute mark in the interview.

Even with the recent revelations, debate on Stuxnet continues. In a presentation at the Black Hat Conference in Washington D.C., security consultant Tom Parker said that an analysis of the Stuxnet code suggests the worm’s code was not as sophisticated as the public had been led to believe, and that the final Stuxnet worm may be an amalgam of work done by two disparate groups of programmers: one highly sophisticated, and one less so.