cyberattack Cyberattack project: Nitro Zeus

[Sylence]

 

BERLIN — In the early years of the Obama administration, the United States developed an elaborate plan for a cyberattack on Iran in case the diplomatic effort to limit its nuclear program failed and led to a military conflict, according to a coming documentary film and interviews with military and intelligence officials involved in the effort.

 

The plan, code-named Nitro Zeus, was devised to disable Iran’s air defenses, communications systems and crucial parts of its power grid, and was shelved, at least for the foreseeable future, after the nuclear deal struck between Iran and six other nations last summer was fulfilled.

 

Nitro Zeus was part of an effort to assure President Obama that he had alternatives, short of a full-scale war, if Iran lashed out at the United States or its allies in the region. At its height, officials say, the planning for Nitro Zeus involved thousands of American military and intelligence personnel, spending tens of millions of dollars and placing electronic implants in Iranian computer networks to “prepare the battlefield,” in the parlance of the Pentagon.

 

The United States military develops contingency plans for all kinds of possible conflicts, such as a North Korean attack on the South, loosenuclear weapons in South Asia or uprisings in Africa or Latin America. Most sit on the shelf, and are updated every few years. But this one took on far greater urgency, in part because White House officials believed there was a good chance that Prime Minister Benjamin Netanyahu of Israel would decide to strike Iran’s nuclear facilities, and the United States would be drawn into the hostilities that followed.

 

While the Pentagon was making those preparations, American intelligence agencies developed a separate, far more narrowly focused cyberplan to disable the Fordo nuclear enrichment site, which Iran built deep inside a mountain near the city of Qum. The attack would have been a covert operation, which the president can authorize even in the absence of a continuing conflict.

 

Fordo has long been considered one of the hardest targets in Iran, buried too deep for all but the most powerful bunker-buster in the American arsenal. The proposed intelligence operation would have inserted a computer “worm” into the facility with the aim of frying Fordo’s computer systems — effectively delaying or destroying the ability of Iranian centrifuges to enrich uranium at the site. It was intended as a follow-up to “Olympic Games,” the code name of a cyberattack by the United States and Israel that destroyed 1,000 centrifuges and temporarily disrupted production at Natanz, a far larger but less protected enrichment site.

 

Under the terms of the nuclear agreement with Iran, two-thirds of the centrifuges inside Fordo have been removed in recent months, along with all nuclear material. The facility is banned from any nuclear-related work and is being converted to other uses, eliminating the threat that prompted the attack plan, at least for the next 15 years.

 

The development of the two secret programs suggest how seriously the Obama administration was concerned that its negotiations with Iran could fail. It also demonstrates the critical role cyberoperations now play in both military planning and covert intelligence operations. American generals began incorporating nuclear weapons into their war plans for protecting Europe or countering the Soviet Union in the 1950s, and in the last 15 years, they have made armed drones a central part of military efforts in Pakistan, Afghanistan and elsewhere. In the same way, cyberwarfare has become a standard element of the arsenal for what are now called “hybrid” conflicts.

 

The existence of Nitro Zeus was uncovered in the course of reporting for “Zero Days,” a documentary that will be first shown Wednesday at the Berlin Film Festival. Directed by Alex Gibney, who is known for other documentaries including the Oscar-winning “Taxi to the Dark Side” about the use of torture by American interrogators, and “We Steal Secrets: The Story of WikiLeaks.”

 

“Zero Days” describes the escalating conflict between Iran and the West in the years leading up to the agreement, the discovery of the cyberattack on the Natanz enrichment plant, and the debates inside the Pentagon over whether the United States has a workable doctrine for the use of a new form of weaponry whose ultimate effects are only vaguely understood.

 

Mr. Gibney and his investigative team, led by Javier Botero, interviewed current and former participants in the Iran program who revealed details of the effort to infuse Iran’s computer networks with “implants” that could be used to monitor the country’s activities and, if ordered by Mr. Obama, to attack its infrastructure. (Under rules laid out in presidential directives, some made public three years ago by Edward J. Snowden, the former National Security Agency contractor, only the president can authorize an offensive cyberattack, just as the president must approve the use of nuclear weapons.)

 

The New York Times conducted separate interviews to confirm the outlines of the program. The findings were described over the past two weeks to the White House, the Pentagon, and the Office of the Director of National Intelligence, all of which declined to comment, noting that they never discuss planning for military contingencies.

 

For the seven-year-old United States Cyber Command, which is still building its cyber “special forces” and deploying them throughout the world, the Iran project was perhaps its most challenging program yet. “This was an enormous, and enormously complex, program,” said one participant who requested anonymity to discuss a classified program. “Before it was developed, the U.S. had never assembled a combined cyber and kinetic attack plan on this scale.”

 

Nitro Zeus had its roots in the Bush administration but took on new life in 2009 and 2010, just as Mr. Obama asked General John R. Allen, at United States Central Command, to develop a detailed military plan for Iran in case diplomacy failed. It was a time of extraordinary tension, as the Iranians accelerated their production of centrifuges and produced near-bomb-grade fuel and Western intelligence agencies feared they might be on the verge of developing a nuclear weapon. It was also a period of extraordinary tension with Israel, partly because of its presumed role in theassassination of Iranian nuclear scientists, and partly because of evidence that Mr. Netanyahu was preparing a pre-emptive strike against Iran, despite warnings from the United States.

 

At the time, Mr. Obama’s aides thought he did not have a credible military contingency plan. In his memoir, “Duty,” former Secretary of Defense Robert M. Gates described his concerns — laid out in a highly restricted memorandum to the White House in January 2010 — that America’s top national security leadership had not even begun to debate what a fast reaction to Iranian aggression would look like.

 

Nitro Zeus quickly emerged as one possible response for Mr. Obama, a way to turn off critical elements of the Iranian infrastructure without firing a shot. While cyberoperations have long been contemplated in other war scenarios, Nitro Zeus “took it to a new level,” one participant said. Yet the planners warned that depending on how the conflict unfolded, there could be significant effects on civilians, particularly if the United States had to cut vast swaths of the country’s electrical grid and communications networks.

 

While Cyber Command would have executed Nitro Zeus, the National Security Agency’s Tailored Access Operations unit was responsible for penetrating adversary networks, which would have required piercing and maintaining a presence in a vast number of Iranian networks, including the country’s air defenses and its transportation and command control centers.

 

It is a tricky business, the war planners say, because their knowledge of how networks are connected in Iran, or any other hard target, is sketchy — and collateral damage is always hard to predict. It is easier to turn off power grids, for example, than to start them up again.

 

Even as the Pentagon prepared for a broad conflict, American intelligence agencies had a narrower target: how to sabotage the underground Fordo enrichment site, just as they had sabotaged Natanz at the end of the Bush administration and the beginning of the Obama administration.

 

That effort accelerated in 2012 and 2013, as the Iranians began to fill Fordo’s deep underground cavity with more than 3,000 centrifuges. But it was set aside, after the Iranians significantly slowed their enrichment activity during the negotiation over the nuclear deal, and then dismantled part of the Fordo plant.

 

The program to develop a computer worm to attack Fordo appears to have been initially developed around the time that Mr. Obama and other world leaders revealed the existence of the underground facility at a conference in Pittsburgh in September 2009. It is unclear how American spies planned to get inside the underground nuclear facility — physically or remotely — and whether the United States or an ally like Israel might have had to use human sources inside the country to conduct the network attack.

 

The Snowden documents revealed a series of technologies that can be used to insert programs remotely in a system disconnected from the Internet. That was done repeatedly at Natanz, as malware was refined and refined again, with each version subtly manipulating the computer controllers for the centrifuges so that the giant, spinning machines would gyrate wildly out of control and destroy themselves. The attack on Fordo appears to have been designed to be more blunt and obvious — a straightforward strike that would destroy the circuitry that powered the centrifuges and their controllers.

 

It is unclear how successful the strike would have been. While such efforts are usually tested in mock facilities, there almost certainly would have been surprises had it been used against the Fordo plant. It is also unclear the degree to which American and Israeli intelligence agencies may have collaborated on the program, especially after the recriminations in 2010over evidence that Israel rushed ahead in producing a version of the Stuxnet worm without properly testing it, leading to its exposure.

 

Source

[Batu69]

Thread edited: Make paragraphs.

[Holmes]

I read about this on msn and they have had this project in the works for a long time.  They have this just in case diplomacy fails.  Unfortunately they cant do anything too north korea because there on a intranet.  Lets hope this cyber attack works if they have to use it.

[straycat19]

4 minutes ago, Holmes said:

I read about this on msn and they have had this project in the works for a long time.  They have this just in case diplomacy fails.  Unfortunately they cant do anything too north korea because there on a intranet.  Lets hope this cyber attack works if they have to use it.

 

There are ways to get to North Korea, or anywhere else for that matter, the simplest being to salt the area with flash drives,  People find flash drives and plug them in, and voila, you now have access to their data.  All of North Korea is not on an intranet only, only the lowly masses, so once you get into a government machine you have them by the balls, so to speak.

 

Stuxnet was brilliant, not only the malware, but all the misdirection and false leads that were fed to the Iranians for years.  And who is to say that there isn't something on their systems now just waiting for a signal to activate.  Afterall, if you want to go to war with a country and you can turn off all its power whenever you want, then it is at the mercy of the attacker.  It is kind of like having an ace up your sleeve, just in case you ever need it.  Cyber warfare is much more than just hacking into systems to obtain data, it is being able to critically paralyze an enemy's infrastructure so they cannot pursue an effective posture during conflict.

[Sylence]

10 minutes ago, straycat19 said:

 

There are ways to get to North Korea, or anywhere else for that matter, the simplest being to salt the area with flash drives,  People find flash drives and plug them in, and voila, you now have access to their data.  All of North Korea is not on an intranet only, only the lowly masses, so once you get into a government machine you have them by the balls, so to speak.

 

Stuxnet was brilliant, not only the malware, but all the misdirection and false leads that were fed to the Iranians for years.  And who is to say that there isn't something on their systems now just waiting for a signal to activate.  Afterall, if you want to go to war with a country and you can turn off all its power whenever you want, then it is at the mercy of the attacker.  It is kind of like having an ace up your sleeve, just in case you ever need it.  Cyber warfare is much more than just hacking into systems to obtain data, it is being able to critically paralyze an enemy's infrastructure so they cannot pursue an effective posture during conflict.

 

28 minutes ago, Holmes said:

I read about this on msn and they have had this project in the works for a long time.  They have this just in case diplomacy fails.  Unfortunately they cant do anything too north korea because there on a intranet.  Lets hope this cyber attack works if they have to use it.

 

don't think Iran just sits idly by and let a country like U.S lunch a successful cyberattack on it 

Iran has one of the best cyberattack forces in the world now and it's getting better and better. even back in 2009, when Iran wasn't as strong in cyberwarfare as it is now, israel and U.S spent billions of $$ to lunch stuxnet, an offline attack. 

 

by the way, this is just a news, might be just a fake propaganda which we're all seeing a lot nowadays, after all talk is cheap..even Hilary has learned how to bark 

[Holmes]

The leader of north korea is kim jong un and supposedly he is a child prodigy if he is as smart as they claim he is then he would have all bases covered including making sure one of his people dont pick up flash drives (assuming you can get that close to drop them off).  Stuxnet was brilliant I agree and there have been additional malware that are stronger one considered stuxnet two point zero forget what the name was and flame was a powerful one to it was coded so that its source code looked like a business database system not malware code in general that was brilliant to.  I hope they have a electronic implant in a north korean computer would help us prevent them from launching the so called bombs that they have now on us or our allies.  Im sure there is data that could be helpful to us in north koreas computer systems and I realize thats not all cyber warfare is I just hope we have everything under control better then what I have been hearing if we dont we may be in deep sh*t.

[straycat19]

Quote

don't think Iran just sits idly by and let a country like U.S lunch a successful cyberattack on it

 

They already did at least once that the world knows of and if they did it once they could have done it again.  

[Sylence]

40 minutes ago, straycat19 said:

 

They already did at least once that the world knows of and if they did it once they could have done it again.  

 

could have..you answered your own question  

 

[Sylence]

2 hours ago, Holmes said:

The leader of north korea is kim jong un and supposedly he is a child prodigy if he is as smart as they claim he is then he would have all bases covered including making sure one of his people dont pick up flash drives (assuming you can get that close to drop them off).  Stuxnet was brilliant I agree and there have been additional malware that are stronger one considered stuxnet two point zero forget what the name was and flame was a powerful one to it was coded so that its source code looked like a business database system not malware code in general that was brilliant to.  I hope they have a electronic implant in a north korean computer would help us prevent them from launching the so called bombs that they have now on us or our allies.  Im sure there is data that could be helpful to us in north koreas computer systems and I realize thats not all cyber warfare is I just hope we have everything under control better then what I have been hearing if we dont we may be in deep sh*t.

 

 

Stuxnet wasn't a single computer malware, it was a project which had other aspects in addition to it's digital part which included hiring hackers and programmers to create a malware. the whole project is the thing which is referred to as an unprecedented cyber attack so far. it was so big that required both israel and U.S coordinated to lunch it..things like making a fake certificate appear to be legit or shipping infected flash drives into the country and hopping one of them find its way into the nuclear facility which had no connection to the outside world by any conventional means we know of makes it unique. so when talking about Stuxnet you shouldn't compare it to other malwares because creating the malware itself was only a small part of the project. 

 

you can't be so sure about NK, maybe it's all propaganda. not the first time the west abusing mass media, right? Iran also doesn't expect anything more than this from the west so it's all OK as long as they're in the talking phase. 

 

btw do you think that if this was all true about U.S having infected implants in Iran's sensitive facilities and areas ready for a push of mr.Obama's finger on that button, to sabotage country's infrastructure, then they would explicitly confess this in the Newyork time's for the public? if so then they must be too smart or too stupid. period 

[Holmes]

I realize how those projects work and your right they wouldnt confess it to the media if they did the whole project would be dead in the water.

[humble3d]

Can't we all just get along ??