Friday, December 10, 2010

The Dogs Are Loose


By George H. Wittman on 12.10.10 @ 6:08AM

Cry, "Havoc!" and let slip the dogs of war.
-- Julius Caesar (3.1.268), W. Shakespeare


Even though Iran this week resumed talks in Geneva with diplomats from six world powers, for all intents its nuclear development program is already under direct physical and electronic attack even if an overt military strike has not yet occurred. This not-so-covert war seems to have begun in earnest as early as July or as late as September with the advent of the Stuxnet worm, though some reports indicate it could have begun even earlier.

Iranian Intelligence Minister Heidar Moslehi confirmed what he called "these destructive activities" and vowed counteraction. The so-called cyberattacks were linked with the bombing in late November of the cars of two senior Iranian scientists working on different aspects of nuclear weapon development. It's clear that the long threatened offensive against the Persian bomb development has begun through technical and direct covert actions. The Iranians recognize this fact.

One of the targets was Dr. Fereydoon Abbasi-Davani, who was characterized as "a senior defense ministry and armed forces logistics scientist." It has been suggested that he is connected to the Islamic Revolutionary Guard Corps (IRGC). Abbasi-Davani remains alive though wounded along with his wife, who was riding with him. The other scientist, Majid Shahriyari, was killed outright in a separate attack the same day. He was referred to by the Iranian nuclear agency director, Ali Akbar Salehi, as "in charge of one of the great projects" at their Atomic Energy Agency.

The operation against these separate but related targets was carried out quite professionally, by motorcyclists who drove up to the respective vehicles in which the scientists were traveling and attached "limpet" explosive charges to the moving cars. Earlier, in January of 2010, another nuclear scientist, Masoud Ali Mohammadi, was also killed by a bomb explosion.

These direct "hits" on key figures in the Iranian nuclear development program obviously are meant as much as a warning to other key scientists who work in the nuclear field in Iran as "executive actions" designed to eliminate particularly valuable individuals. Unsurprisingly, Iranian authorities have charged Israel’s Mossad and the CIA with complicity in these attacks. Whatever the case, the level of sophistication certainly shows a professional involvement -- either mercenary or official, or both.

As public as these physical bombing actions were, perhaps even more effective have been the cyberattacks first noted worldwide in July but centering on Iran by September. The BBC at that time referred to this "Stuxnet worm" as being "targeted at high value Iranian assets."

Apparently the Stuxnet worm seeks out various security weaknesses, such as those in supervisory control and data acquisition (SCADA) systems. These systems are said to be an important management tool in major facilities such as petroleum complexes, robotic factory elements, and nuclear reactors. Forensic analysis that has been done on this particular worm suggests that its complexity and sophistication indicate it was structured with malicious intent -- specifically sabotage. Ralph Langner, a respected German security researcher and expert in SCADA systems, concluded that "it must have been released by a nation-state."

It wasn't until the last week in November, after denials by various Iranian officials, that President Mahmoud Ahmadinejad stated publicly that "several uranium enrichment centrifuges" were damaged by what was termed "malware." A similar view was reported previously by the computer security firm Symantec and others who had noted that Iran was having "more infections than any other country" and that Stuxnet "might have been designed to disrupt the motors that power gas centrifuges used to enrich uranium."

The media have been alerting the public about possible Israeli or U.S. military efforts to "take out" Iranian nuclear weapon development sites. While emphasizing the danger of air and sea attacks on Persian installations, these stories have always focused on the expectation of these strikes. Discussion of potential cyberattacks has been limited for the most part to Chinese attempts to penetrate American defense installations. The applicability of such "weaponry" to aborting Iran's nuclear weapon development certainly has not been highlighted.

What is fascinating from a covert warfare standpoint is the juxtaposition of the oldest form of sabotage, i.e. assassination of key individuals, with the contemporary scientific device of computer system disablement. The real question is: what will now follow? It is doubtful that the Iranians will not respond in some manner to what are attacks on their infrastructure and human assets. The clue to how seriously they are taking these attacks is how little comment has come from their side.
