Stuxnet Virus Attack Details Emerge

Uploaded on 2019-09-09 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

The Stuxnet virus that decimated Iran’s nuclear program was introduced by a Dutch mole working with the CIA and Mossad, intelligence sources claimed, as Israel is shopping its cyber weapons to anyone with cash to buy. 

For years, an enduring mystery has surrounded the Stuxnet virus attack that targeted Iran’s nuclear program: How did the U.S. and Israel get their malware onto computer systems at the highly secured uranium-enrichment plant?

The first-of-its-kind virus, designed to sabotage Iran’s nuclear program, effectively launched the era of digital warfare and was unleashed some time in 2007, after Iran began installing its first batch of centrifuges at a controversial enrichment plant near the village of Natanz.

The courier behind that intrusion, whose existence and role has not been previously reported, was an inside mole recruited by Dutch intelligence agents at the behest of the CIA and the Israeli intelligence agency, the Mossad, according to sources who spoke with Yahoo News.

So an Iranian engineer was recruited by the Dutch intelligence agency AIVD, acting under the direction of the CIA and Mossad, to infect some 2,000 Iranian nuclear centrifuges with the catastrophic Stuxnet virus, which set that country’s nuclear program back years, according to intelligence sources who spoke to Yahoo News.

The mole, who posed as a mechanic, reportedly provided data that was critical to helping the virus’ developers shape their code to specifically target the systems at the Natanz plant where it was ultimately unleashed, then helped get the virus onto the plant computers using a flash drive. One of the sources called him “the most important way of getting the virus into Natanz.”

While the US and Israel were the primary players behind the initiative, designed to cripple but not destroy Iran’s nuclear program in order to force it to the negotiating table, the Netherlands, Germany, and one other country (believed to be France) were also allegedly involved, motivated by Israel’s insistence that Iran was developing a nuclear bomb. 

In addition to supplying the agent, the Dutch contributed information about the centrifuges, which were based on designs stolen from a Dutch company in the 1970s by a Pakistani scientist.

Stuxnet is widely considered to be the first offensive cyber-weapon, launching a “digital arms race” after a new and especially virulent version of the code, reportedly deployed by Mossad against US advice, was brought in by unsuspecting contractors who’d been infected elsewhere after the mole lost his access to the plant. 

The malicious code not only infected other companies the contractors worked with but spread to thousands of computers worldwide, bringing Stuxnet to public attention by June 2010. The exposure of the virus triggered a paradigm shift in cyber operations and set other countries, including the US’ enemies, clamoring for their own cyber-weapons.

Since then, Israel has capitalised on its reputation as one of the prime movers behind the deadly (for computers, at least) virus, selling cyber weapons to countries around the world. 

It’s about to get much less particular about whom it sells those weapons to, causing significant concern among cybersecurity and human rights groups who have already accused Tel Aviv of marketing insidious spyware like NSO Group’s Pegasus to repressive regimes who use it to spy on opposition politicians, human rights activists and even journalists.

These abuses occurred under a system that required 12 months or longer to approve cyber-weapons sales, with matters further complicated by marketing and export license requirements and sales restricted to tightly-vetted allies. 

Under the new system, purchases can be approved in as little as four months, and more companies will be eligible to obtain the licenses. More ominously, a larger pool of potential buyers will have access to the devastating cyber-weapons.

The Israeli Defense Ministry has justified loosening restrictions by insisting Israeli companies need the freedom to remain competitive in the industry, in defiance of a United Nations call for a global moratorium on cyber weapons sales.

Russia Today:         Yahoo:      deVolksrant

You Might Also Read: 

Dutch Intelligence Agency Pinpoints Cyberattacks:

 

 

 

« Attacks On Hong Kong Protesters
British Revenue & Customs Want A Head of Cyber Security Operations »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Wooxo

Wooxo

Wooxo provides business security and continuity solutions to protect business data for organisation of all sizes.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

K2 Integrity

K2 Integrity

K2 Integrity is a preeminent risk, compliance, investigations, and monitoring firm - built by industry leaders to safeguard our clients’ operations, reputations, and economic security.

BA-CSIRT

BA-CSIRT

BA-CSIRT is a center which is dedicated to assist and raise awareness among citizens and the Government of the City of Buenos Aires in everything related to information security.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

Identity Defined Security Alliance (IDSA)

Identity Defined Security Alliance (IDSA)

IDSA is a group of identity and security vendors, solution providers and practitioners that acts as an independent source of education and information on identity-centric security strategies.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Resistant AI

Resistant AI

Resistant AI protects against evolving online fraud. We connect the dots to provide a new layer of trust and performance for our clients’ systems.

Neovera

Neovera

Neovera is a trusted provider of managed services including cyber security and enterprise cloud solutions, committed to delivering results through the innovative use of scalable enterprise-grade tech.

Quantum Armor

Quantum Armor

Quantum Armor is a next-gen cyber security monitoring platform that allows you to continuously stay aware of your security posture, and proactively spot trends, vulnerabilities and potential attacks.

Transparity Cyber

Transparity Cyber

Transparity Cyber is dedicated to cybersecurity. As part of the Transparity Group we’re an established name in the Microsoft Cloud landscape, with a focus on cybersecurity excellence.

Exalens

Exalens

With deep roots in AI-driven cyber-physical security research and intrusion detection, at Exalens, we are enhancing operational resilience for cyber-physical systems at the OT edge.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

Badge

Badge

Badge authenticates you on-demand for every application, on any device, without storing any secrets.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.