On June 1st when David Sanger’s New York Times article on Obama’s magisterial connection to Stuxnet appeared, I chuckled to myself and mused: “that’s a bit of an overreach.” Since then this and other examples of leaking on the assassination of Osama Bin Laden by US Navy Seal Team Six, the al Qaeda drone kill list authorization, the burning of a Saudi double agent ‘asset’ in Yemen over a foiled al Qaeda in the Arabian Peninsula bombing created a maelstrom of bi-partisan criticism in the US Congress. Last Thursday, there was a joint press conference on Capitol Hill in Washington with both Chairs and Ranking Members of the Senate and House Select Intelligence Committees, Sen. Dianne Feinstein (D-CA) and Rep. Mike Rogers (R-MI) clearly irritated about a leaks campaign, with allegations about it originating from the White House. Sen. John McCain was equally perturbed and pushed for appointment of a Special Prosecutor ala Watergate. Leaks from the West Wing were damned by President Obama in a quickly scheduled press conference on Friday. He said how “offended” he was that anyone would accuse the White House of leaking information that would put the lives of service personnel engaged in covert special ops in danger. What quickly followed was Attorney General Eric Holder's announced appointment of two US Attorneys to conduct an official investigation into alleged leaks of classified information with threats of possible criminal prosecution for the culprits
Was the President or Timesman David Sanger off base reporting US and Israel involvement in development and launch of Stuxnet and its variants, Duqu and Flame? The Timesdenied that it received that information from White House sources. Clearly, the episode smacked of unfortunare campaign electioneering puffery. It was aimed at demonstrating control over the development and application of Stuxnet, except for the alleged “unfortunate’ Israeli leakage of the malworm.
When I was a mere child growing up during WWII we had those posters: “loose lips sink ships.” Other countries like the UK have Official Secrets Acts that can result in Star Chamber processes leading to incarceration for possible chargeable violations. Nothing in Israel gets published without first going through military censors. In Washington, leaking is a game. It amounts to floating a trial balloon to find out which way informed or public opinion is trending on allegedly critical issues. Sometimes, it has resulted in federal prosecution, such as in the leaks case of two former Senior Officials at pro-Israel advocacy group AIPAC that resulted in the government case collapsing upon appeal. But not before impleading and wrongfully convicting Larry Franklin, a former Pentagon analyst turned FBI double agent on a trumped up plea bargain – taking home allegedly secret Iran war plans.
That is why I was pleased to see a report on The Atlantic Wire blog based on a Ha’aretz interview with purported Mossad agents claiming bragging rights for developing and launching Stuxnet. The malworm that may have disabled those whirling centrifuges in the cascade halls at Iran’s Natanz nuclear enrichment facility. John Hudson in The Atlantic Wire blog post, “Israeli Spies Want Credit for Stuxnet” spilled the beans:
Israel's officials have a message for anyone praising the CIA for its sophisticated cyber attack on Iran: It was our baby. The Stuxnet computer worm, described by David Sanger in The New York Times last week as an invention by the Bush administration, was actually developed by Mossad, according to Israeli officials speaking with Ha’aretz journalist Yossi Melman on condition of anonymity:
The Israeli officials actually told me a different version. They said that it was Israeli intelligence that began, a few years earlier, a cyberspace campaign to damage and slow down Iran’s nuclear intentions. And only later they managed to convince the USA to consider a joint operation — which, at the time, was unheard of.
The irony of course is that both U.S. and Israeli officials spent years denying knowledge of who carried out the attacks, which reportedly destroyed thousands of Iran's centrifuges, ever since it became public in 2010. Now that it's out, it's time to claim credit! Of course, if you read Sanger's account, he certainly doesn't diminish the expertise of Israel's spies:
Israel’s Unit 8200, a part of its military, had technical expertise that rivaled the N.S.A.’s, and the Israelis had deep intelligence about operations at Natanz that would be vital to making the cyber attack a success.
Regardless, these Israeli officials say Sanger's account was too generous to the CIA. Amusingly, one of the officials tries to play it cool, in his remark to Melman:
My Israeli sources understand the sensitivity and the timing of the issue and are not going to be dragged into a battle over taking credit. “We know that it is the presidential election season,” one Israeli added, ”and don’t want to spoil the party for President Obama and his officials, who shared in a twisted and manipulated way some of the behind-the-scenes secrets of the success of cyber war.”
Translation: We don't need to tell anyone we're the ones responsible for Stuxnet, but just so you know, we're responsible for Stuxnet.
Now, we have written about Stuxnet, Duqu, Flame and the oil industry attacks in Iran. We tend to side with those unnamed Mossad sources because of something that was revealed about an interesting aspect of the Stuxnet code. Note this Computerworld report circa September 2010 endeavoring to confirm the Israeli origins of the malworm:
In a paper released today and presented at a Vancouver, British Columbia security conference, a trio of Symantec researchers noted that Stuxnet includes references in its code to the 1979 execution of a prominent Jewish Iranian businessman.
Buried in Stuxnet's code is a marker with the digits "19790509" that the researchers believe is a "do-not infect" indicator. If the marker equals that value, Stuxnet stops in its tracks, and does not infect the targeted PC.
The researchers -- Nicolas Falliere, Liam O Murchu and Eric Chen -- speculated that the marker represents a date: May 9, 1979.
"While on May 9, 1979, a variety of historical events occurred, according to Wikipedia "Habib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community," the researchers wrote.
Elghanian, a prominent Jewish-Iranian businessman, was charged with spying for Israel by the then-new revolutionary government of Iran, and executed May 9, 1979.
According to a contemporary account in Time magazine, Elghanian was the first Jewish Iranian to be executed by the revolutionary government, which seized power after the Shah of Iran, Mohammad Reza Pahlavi, fled the country in January 1979.
"Elghanian, who was convicted of spying for Israel, was said to have made huge investments in Israel and to have solicited funds for the Israeli army, which the prosecution claimed made him an accomplice 'in murderous air raids against innocent Palestinians,'" reported Time.
I don’t know many NSA cyber warriors who could come up with that date. Certainly the Mossad and IDF Unit 8200 backroom boffins could. Meanwhile, let the US Department of Justice investigators try and trace those leaks. I’ll bet a Bill Clinton Krispy Kreme doughnut that they come up with zilch. After all who ever did leak had the ultimate in plausible deniability, President Obama.