It's not every day you "officially" learn that America and Israel not only created Stuxnet, but also ordered cyberattacks against Iran, so now it's being considered a "national security leak." It moved from conspiracy theory to a cybersecurity bombshell when the New York Times reported that the Bush administration authorized the cyber weapon program codenamed Olympic Games and President Obama continued increased cyberattacks on Iran nuclear facilities. The NSA and CIA also allegedly had a hand in disrupting Iran's nuclear program. Now the FBI is investigating who leaked the Stuxnet "cyber-sabotage" story to the New York Times. Additionally, Senator Dianne Feinstein, chairwoman of Intelligence Committee, wants Capitol Hill hearings into the leak.
Feinstein released this statement to the press: "I am deeply disturbed by the continuing leaks of classified information to the media, most recently regarding alleged cyber efforts targeting Iran's nuclear program. Today I sent a classified letter to the president outlining my deep concerns about the release of this information. I made it clear that disclosures of this type endanger American lives and undermine America's national security."
The Hill quoted Feinstein as saying "the leak about the attack on Iran's nuclear program could 'to some extent' provide justification for copycat attacks against the United States." Feinstein stated, "This is like an avalanche. It is very detrimental and, candidly, I found it very concerning. There's no question that this kind of thing hurts our country."
That can of covert cyber-worms just keeps spilling trouble. Two people familiar with the probe told the Wall Street Journal that the "FBI has opened an investigation into who disclosed information about a classified U.S. cyberattack program aimed at Iran's nuclear facilities."
According to the CBS News' "Face the Nation" transcript, when David Sanger was asked about the New York Times article, the Confront and Conceal book, and Olympic Games, Sanger said "the four-year-long campaign continues through to this day." Sanger continued:
You know, in the case of Olympic Games, I spent a year working the story from the bottom up, and then went to the administration and told them what I had. Then they had to make some decisions about how much they wanted to talk about it. All that you read about this being deliberate leaks out of the White House wasn't my experience. Maybe it is in -- in other cases. I'm sure the political side of the White House probably likes reading about the President acting with drones and cyber and so forth. National security side has got very mixed emotions about it because these are classified programs.
"Is President Obama changing the face of foreign policy?" CBS News reported the "drone and cyber wars is a new phase in American foreign policy" to which Sanger said, "The country's tired of these big wars of occupation, of sending 100,000 troops into a country, staying around for four or five years at a cost of a trillion dollars or more, and yet we still have these threats. So the way he has operated has been to try to choose a high-tech area where the Unites States has advantage."
Not everyone believes America has the advantage. "The downside for owning up to cyberattacks is that other governments can now feel free to do the same. And the United States has the most to lose from attacks like these," wrote F-Secure's Mikko Hypponen. "No other country has so much of its economy linked to the online world." He added that the "game is on" and "by launching Stuxnet, American officials opened Pandora's box. They will most likely end up regretting this decision."
Meanwhile, there's also continued fallout in regard to Microsoft's part in the recent cyber espionage Flame malware. With about 900 million Windows computers, it's a big deal when spoofed Microsoft security certificates helped leverage Flame for cyberwar. Even though the Mighty M released an emergency patch for Flame, some folks said helping Flame spread was a "Huge security FAIL." F-Secure said "Having a Microsoft code signing certificate is the Holy Grail of malware writers" even if it is also a "nightmare scenario." Techrights went so far as to suggest "all the latest Stuxnet coverage hardly ever mentions Microsoft or Windows. It's criminally poor journalism."
Like this? Here's more posts:
- Get ready for more TSA pat-downs
- Study Finds 1 in 2 Americans are 'Clueless' about Webcam Hacking
- Inception-like Remee lets you take control of your dreams
- Fight the Patriot Act and win. Next? Promise privacy, a surveillance-free ISP
- Sanitize Microsoft Office: How to remove personal metadata
- Trolling Terrorists with Propaganda: The US hack of al-Qaida that wasn't a hack
- Male or female, who's the better social engineer? Battle of the SExes!
- Emergency Windows patch stops Flame malware from spoofing Microsoft security certificate
- SOPA supporters meet in secret to strangle Internet freedom & online speech
- Microsoft Researchers say cybercrime loss estimates are a bunch of bunk
- This is why people pirate Windows
- Hacktivists UGNazi attack 4chan, CloudFlare and Wounded Warrior Project
- FBI Creates Surveillance Unit to Build Backdoors into the Web
Follow me on Twitter @PrivacyFanatic
Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. Smith has a diverse background in information technology, programming, web development, IT consulting, and information security. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.
Smith is an independent contractor and is not affiliated with any vendor that makes or sells information technology.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited