The question of the moment has been answered by WaPo - Flame was from the same USA/Israeli campaign that used Stuxnet to destroy 1000 centrifuges:
The United States and Israel jointly developed a sophisticated computer virus nicknamed Flame that collected intelligence in preparation for cyber-sabotage aimed at slowing Iran’s ability to develop a nuclear weapon, according to Western officials with knowledge of the effort.
USA and Israel have launched a campaign of cyber attacks against Iran. Unilateral, undeclared, surprise attacks.
Last year the Pentagon concluded “that computer sabotage coming from another country can constitute an act of war” according to the Wall Street Journal. Back in 2010, Secretary of State Hillary Clinton declared “countries or individuals that engage in cyber attacks should face consequences and international condemnation.”
Given the evidentiary nature of tracking a nation's actions in war, a newspaper exposé is generally about as good as it gets. For non-USA readers, the Washington Post is one of the top handful of papers, and they won't be making mistakes on this one. In this case, we get one better - the FBI are investigating leaks into the Stuxnet disclosures, and have thus confirmed the basic accuracy of the WaPo revelations.
Targeting and destroying centrifuges is about as clear and directed an attack as it gets in warfare. By way of analogy, it's little different to the classical bombing attacks of WWII directed against ball-bearing factories in the Ruhr. Like the city/factory bombing campaign of those days, this campaign also appears to be flexible in target scope:
Flame came to light last month after Iran detected a series of cyberattacks on its oil industry. The disruption was directed by Israel in a unilateral operation that apparently caught its American partners off guard, according to several U.S. and Western officials who spoke on the condition of anonymity.
OK, let's take down their oil industry. Who the heck cares?
Well, perhaps there are some responses possible. We'll leave with just this one thought from Bruce Schneier:
There's a common belief within the U.S. military that cyberweapons [mitigation] are not in our best interest: that we currently have a military advantage in cyberspace that we should not squander. That's not true. We might have an offensive advantage -- although that's debatable -- but we certainly don't have a defensive advantage. More importantly, as a heavily networked country, we are inherently vulnerable in cyberspace.
(I edited one word out for context. In his discussion he is talking about cyberweapon treaties, but the wider point remains true.)
Ye reap what ye sow, and all that. For the USA, it's gonna get biblical - the new question for Washington DC is whether DHS is prepared for Iranian counterstrikes in cyberspace.
Posted by iang at June 20, 2012 05:28 PM
"the new question for Washington DC is whether DHS is prepared for Iranian counterstrikes in cyberspace."
Of course not, and the political masters' answer will be to try and take oversight of the private sector (as that's easier) rather than enforcing FISMA and strengthening internal federal oversight of security controls.
Posted by: Peter Thoenen at June 25, 2012 02:20 PM
http://www.telegraph.co.uk/news/uknews/law-and-order/9399014/Destroy-our-cyber-enemies-say-MPs.html
Destroy our cyber enemies, say MPs.
So our MPs want to put Britain in the firing line.
Posted by: darren at July 17, 2012 04:16 PM
The people that run these SCADA systems for critical industrial controls rarely have a computer security mindset. They're engineers, and to them computers and computer networks are just another tool, not their main focus, so they really haven't the foggiest idea and they don't really care how stupid it is to control all that expensive equipment from a PC connected to the internet running a commodity operating system not known for its security, much less set it up for remote-desktop access from who knows where with a password typical of the average user.
You really don't want to leave these systems accessible to some hacker who thinks it's funny to destroy a municipal sewage pump station or turn a traffic signal green all four ways during rush hour, but it took the ignorance to a whole new level when they knew good and well that major nation-states didn't want them to be doing what they were doing, and yet they still didn't have basic security controls in place.
That was an expensive lesson for the Iranians, and rather a waste for us, because somehow I don't think it will be so easy to hack their centrifuges again, and just wait till Iran has nukes if you think gas is expensive now.
Posted by: justin at August 13, 2012 10:58 PM