Leaking Cyberwar Secrets
The White House wants credit for successes but blames Israel for failures, a New York Times exposé shows
It was quite a week for cyberwarfare. First came the revelation that Iran was suffering from a virus called Flame—apparently the most powerful spyware ever created, turning computers into virtual double-agents—which has already infected at least 1,000 computers, nearly all of them in Iran, the Palestinian territories, Sudan, Syria, and Lebanon.
Two days later, the New York Times published an explosive story by David Sanger detailing the collaboration between Israel and the United States in its cyberwarfare campaign against Iran’s nuclear weapons program. The program started under the Bush Administration, but according to Sanger “Obama decided to accelerate the attacks,” code-named Olympic Games, including the Stuxnet worm that set back the Iranian nuclear program by as much as two years.
The story, adapted from Sanger’s forthcoming book, is richly reported and heavily sourced to “current and former American, European and Israeli officials involved in the program.” The story reveals that both the Bush and Obama Administrations have used cyberwarfare to wage campaigns—political and strategic—on various fronts. Stuxnet, for example, was not intended simply to disrupt the Iranian nuclear program. It was also meant to convince the Israelis that Washington recognizes the urgency of the problem and thus Israel need not attack Iran. The Times article is evidence of the Obama White House’s efforts in yet another campaign: the 2012 elections.
Given that this was the second such cyberwarfare story that the Obama Administration has fed the New York Times—the first appeared in January 2011—it is obvious that this White House, like so many others before it, is using journalists to shape its image. While a number of analysts have criticized the administration for jeopardizing U.S. national security by leaking sensitive material to the press, the reality is that the story is not really about the details of this ongoing intelligence operation. It’s a political narrative, intended to shape public opinion about the competence and muscularity of this White House.
The nature of the story is given away in a quote from Vice President Joe Biden, exasperated after Stuxnet mistakenly appeared on the Web in the summer of 2010, exposing the code. Biden laid the blame at the feet of the administration’s ostensible partner. “It’s got to be the Israelis,” said Biden, according to an unnamed source. “They went too far.” In other words, the Obama White House wants it both ways—to claim credit for the successes of the cyberwarfare campaign and to shift blame on the Israelis in the event that things go wrong.
Biden’s quote dovetails with a theory that’s been circulating for a few years among security experts that the Stuxnet virus was the product of collaboration between first-rate professionals and rank amateurs. On this reading, the programming team was top-notch while the implementation team was less than capable.
Applying the Biden thesis, it would seem that the Israelis are the incompetent partners, responsible for the Stuxnet leak.
If the Israelis are in fact incompetent at waging cyberwar, then that’s real news, since the Israelis have always been reputed to be the best in the business. “If Israel is incompetent then why was Stuxnet successful?” journalist Yossi Melman, co-author of the forthcoming book Spies Against Armageddon: Inside Israel’s Secret Wars, responded when I asked him about Biden’s comment. “A thousand centrifuges were disabled, which makes it a very successful campaign.”
Melman said that according to the Israeli officials he’s spoken with, it was Israel that initiated the idea of utilizing computer viruses. “They’ve been doing cyberwarfare slightly longer than the Americans. Military Intelligence Unit 8200 [Israel’s equivalent of the National Security Agency in charge of signals intelligence] has been exploring the potential for offensive as well as defensive cyberwarfare capabilities for at least a decade.”
As some critics have noted, a cyber-attack that spread to thousands of computers unrelated to Iran’s nuclear program is at odds with the Obama Administration’s “International Strategy for Cyberspace,” a policy laid out a year ago. “The digital world,” reads the document, “is a place where the norms of responsible, just and peaceful conduct among states and peoples have begun to take hold.” So, perhaps the administration, and Biden in particular, is eager to shift the blame to avoid charges of hypocrisy: The Americans do the good stuff, it’s the Israelis who do the bad stuff.
This is the flip side of the political narrative. “It’s a disinformation campaign to present Israel’s behavior as without discretion, without patience,” a former Israeli intelligence official told me. He recalls another New York Times story about a war game that starts with an Israeli strike against Iran in which thousands of Americans are killed. “The idea,” said the official, “is to present Israel as gung-ho and ready to go to war, and America has to stop it from doing something disastrous.”
It’s hard to imagine that the two sides walked into the Stuxnet campaign ignorant of each other’s abilities and limitations. “I don’t believe for a moment that such ‘teams’—if they existed as ‘teams’—didn’t have the chance to review or test each other’s code in some meaningful fashion,” said Michael Schrage, a research fellow at MIT Sloan School’s Center for Digital Business. “I suppose it’s possible that complementary teams worked independently and then released an uncoordinated worm into the wild, but that’s a pretty poor way of trying to kill or disrupt or gain intelligence around the most difficult nuclear challenge America and Israel face. If I were an Israeli or American cyber-warrior, I would want to know the other’s code and protocol or doctrine for attack.”
In other words, the chances that the White House was really blindsided by Israel, like Biden says, are virtually nil.
But Israelis, said Melman, understand that the point of this story was to enhance the president’s image. “Israeli officials know that it’s an election year,” says Melman. “They believe the information was leaked to glorify the Obama Administration. Israeli officials are not going to rock the boat and ruin the party.”
The Times story is part of a larger narrative being driven by the Obama team, meant to enhance the president’s image in the middle of an election campaign where, according to some polls, the Republican candidate has pulled even with the incumbent. Forget the fact that Syria is burning, that the Russians have been emboldened by American impotence in the Middle East, or that the Iranians are tip-toeing across the finish line to get a nuclear weapon while American diplomats sit helplessly at a negotiating table. Focus rather on the image of a cool superhero commander in chief ordering clandestine attacks.
“Obama’s problem,” says the former Israeli intelligence official, “is that on one hand the administration has to show that they are doing something about Iran. But on the other hand, they can’t abandon their left-wing base. So, it’s better to shift blame to Israel. No Israeli government is going to be criticized for releasing a virus. We know we are at war, and America does not know it’s at war.”
Like this article? Sign up for our Daily Digest to get Tablet Magazine’s new content in your inbox each morning.
As Dianne Feinstein accepts its endorsement, the liberal Israel advocacy group gets the gravitas it craves