New film blames Israel for failure of Iran malware

A new documentary argues that the failure of the Stuxnet malware used against Iran was primarily Israel's. 

Up to now, reports have indicated that the United States began working on Stuxnet due to growing fears about Iran’s budding nuclear weapons program. The U.S. joined forces with Israel to create malware known as a worm to destroy nuclear centrifuges, only to see it run amok due to an overly ambitious timetable.

Neither the United States nor Israel has ever admitted to participating in the creation or distribution of Stuxnet.

Director Alex Gibney’s “Zero Days,” out July 8, attempts to fill in gaps in the story of what happened with the malware program.

“It’s the story of the U.S. and Israel, how divergent their goals are with the project, and how problematic it can be to share weapon systems and intelligence as a result,” said Gibney, the Academy Award-winning director of “Taxi to the Dark Side” and a nominee for “Enron: Smartest Guys in the Room.”

Gibney’s version of events — one he backs up with interviews with former National Security Agency and Central Intelligence Agency director Michael Hayden, Israeli security experts, New York Times reporter David Sanger and intelligence operatives — recasts what is known about the malware, back to the purpose of the mission. 

In Gibney’s version of events, the U.S. entered a partnership with Israel to use cyber weaponry largely to keep Israel from starting a war the United States would be called on to finish. 

“If they had attempted a raid on a military plane, we would have been assuming that they were assuming that we would finish that which they started,” Hayden says in the film, regarding rumors Israel had been considering sending air strikes to nuclear sites in Iran. 

“In other words, there were many of us in government who thought the purpose of the raid wasn’t to destroy the Iranian nuclear system but the purpose of the raid was to put us at war with Iran.”

The partnership with Israel was a joint programming exercise undertaken with military precision. And it worked, at least for a while, causing Iran’s centrifuges to whirr out of control and ultimately destroy themselves. 

One of the reasons it worked was that it went undetected, something that wasn’t easy, especially for the Iranian facilities, which were not connected to the Internet.  

To get a worm from the outside world to the control systems that governed the centrifuges, it had to be carried in on a thumb drive. The worm then had to infect enough exterior computers to eventually reach an employee of the nuclear development efforts — and do so undetected.  

Stuxnet was able to pull this off because it was so precise. But according to “Zero Days,” Israeli officials were not pleased with the slow, cautious approach that had kept the malware in the shadows. 

Gibney alleges that, without American approval, Israeli Prime Minister Benjamin Netanyahu had the code rewritten to be more chainsaw than surgical scalpel. It began crashing the wrong computers, bringing it to antivirus companies’ attention. The wounds caused by Stuxnet were not mortal ones, and Iran was able to continue its nuclear program.

“What the United States liked about the Stuxnet code was that it was subtly creating delays and had the peculiar result of undermining the psychological stability of the Iranian scientists at the time, to destroy their confidence in their own attempt,” said Gibney. “They liked the subterfuge. Bibi Netanyahu just wanted to blow more stuff up. It dramatically backfired.”

Gibney said he is basing that assertion on interviews with a slew of intelligence community members who declined to be named or filmed. They could not have spoken to him on the record, he noted, because the mission is still classified. 

The fallout of Stuxnet was more than a U.S. and Israeli black eye. The blown cover likely released the techniques used to create the worm to the public. And, soon after the attack, Iran is believed to have hacked a number of U.S. properties, including the stock market and major banks.

“Usually, the technical option that seems brilliant in the short term is very problematic in the long term,” Gibney said.