Nitro Zeus: The US Plan To Launch A Massive Cyber Attack On Iran

Uploaded on 2016-02-25 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE--USA, TECHNOLOGY--Hackers

The Iranian ambassador to IAEA Ali Asghar Soltanieh stronglycriticized  the agency and emphasize that the Islamic Republic would 'never stop or freeze its enrichment activity'. June 6th 2012

In the early years of the Obama administration, the United States developed an elaborate plan for a cyberattack on Iran in case the diplomatic effort to limit its nuclear program failed and led to a military conflict, according to a coming documentary film and interviews with military and intelligence officials involved in the effort.

The plan, code-named Nitro Zeus, was devised to disable Iran’s air defenses, communications systems and crucial parts of its power grid, and was shelved, at least for the foreseeable future, after the nuclear deal struck between Iran and six other nations last summer was fulfilled.

Nitro Zeus was part of an effort to assure President Obama that he had alternatives, short of a full-scale war, if Iran lashed out at the United States or its allies in the region. At its height, officials say, the planning for Nitro Zeus involved thousands of American military and intelligence personnel, spending tens of millions of dollars and placing electronic implants in Iranian computer networks to “prepare the battlefield,” in the parlance of the Pentagon.

The United States military develops contingency plans for all kinds of possible conflicts, such as a North Korean attack on the South, loose nuclear weapons in South Asia or uprisings in Africa or Latin America. Most sit on the shelf, and are updated every few years. But this one took on far greater urgency, in part because White House officials believed there was a good chance that Prime Minister Benjamin Netanyahu of Israel would decide to strike Iran’s nuclear facilities, and the United States would be drawn into the hostilities that followed.

While the Pentagon was making those preparations, American intelligence agencies developed a separate, far more narrowly focused cyber-plan to disable the Fordo nuclear enrichment site, which Iran built deep inside a mountain near the city of Qum. The attack would have been a covert operation, which the president can authorize even in the absence of a continuing conflict.

Fordo is buried in a mountain deep inside an Islamic Revolutionary Guards Corps base. The site came to public attention in 2009 when President Obama announced its existence.

Fordo has long been considered one of the hardest targets in Iran, buried too deep for all but the most powerful bunker-buster in the American arsenal. The proposed intelligence operation would have inserted a computer “worm” into the facility with the aim of frying Fordo’s computer systems — effectively delaying or destroying the ability of Iranian centrifuges to enrich uranium at the site. It was intended as a follow-up to “Olympic Games,” the code name of a cyberattack by the United States and Israel that destroyed 1,000 centrifuges and temporarily disrupted production at Natanz, a far larger but less protected enrichment site.

Under the terms of the nuclear agreement with Iran, two-thirds of the centrifuges inside Fordo have been removed in recent months, along with all nuclear material. The facility is banned from any nuclear-related work and is being converted to other uses, eliminating the threat that prompted the attack plan, at least for the next 15 years.
 
The development of the two secret programs suggest how seriously the Obama administration was concerned that its negotiations with Iran could fail. It also demonstrates the critical role cyber-operations now play in both military planning and covert intelligence operations. 

American generals began incorporating nuclear weapons into their war plans for protecting Europe or countering the Soviet Union in the 1950s, and in the last 15 years, they have made armed drones a central part of military efforts in Pakistan, Afghanistan and elsewhere. In the same way, cyberwarfare has become a standard element of the arsenal for what are now called “hybrid” conflicts.

The existence of Nitro Zeus was uncovered in the course of reporting for “Zero Days,” a documentary that will be first shown Wednesday at the Berlin Film Festival. Directed by Alex Gibney, who is known for other documentaries including the Oscar-winning “Taxi to the Dark Side” about the use of torture by American interrogators, and “We Steal Secrets: The Story of WikiLeaks.”

“Zero Days” describes the escalating conflict between Iran and the West in the years leading up to the agreement, the discovery of the cyberattack on the Natanz enrichment plant, and the debates inside the Pentagon over whether the United States has a workable doctrine for the use of a new form of weaponry whose ultimate effects are only vaguely understood.
NYT: http://nyti.ms/1R7rwW6

 

« Banks Must React To FinTech
NSA AI Technology May Have Targeted Innocents »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Hyper Recruitment Solutions

Hyper Recruitment Solutions

Hyper Recruitment Solutions is a specialist and highly compliant recruitment consultancy dedicated to the Science and Technology sectors.

CloudHesive

CloudHesive

CloudHesive provides cloud solutions through consulting and managed services with a focus on security, reliability, availability and scalability.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

CSIS Security Group

CSIS Security Group

CSIS provide actionable threat intelligence, prevention, incident response and 24/7 managed security services.

GreatHorn

GreatHorn

GreatHorn offers the only cloud-native security platform that stops targeted social engineering and phishing attacks on communication tools like O365, G Suite, and Slack.

ObjectSecurity

ObjectSecurity

ObjectSecurity is a leader in authorization policy automation. With OpenPMF, you can manage application security policies for access control and auditing.

Zeneth Technology Partners

Zeneth Technology Partners

Zeneth is a consulting firm providing information technology and cybersecurity services to federal and commercial clients.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

Garland Technology

Garland Technology

Garland Technology specializes in network access points (TAPs) for 100% visibility allowing you to see every bit, byte, and packet flowing through your network.

PurpleSynapz

PurpleSynapz

PurpleSynapz provides hyper-realistic Cyber Security Training with a modern curriculum and Cyber Range.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

Ping Identity

Ping Identity

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. That’s digital freedom.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.