Zero Days Page #10

all the samples

that we could acquire,

tens of thousands of samples.

We extracted all of those logs.

O'murchu:
We could see the

exact path that stuxnet took.

Chien:
Eventually, we were able

to trace back

this version of stuxnet

to ground zero,

to the first five infections

in the world.

The first five infections

are all outside a natanz plant,

all inside of organizations

inside of Iran,

all organizations

that are involved in

industrial control systems

and construction

of industrial control

facilities,

clearly contractors who were

working on the natanz facility.

And the attackers knew that.

They were electrical companies.

They were piping companies.

They were, you know,

these sorts of companies.

And they knew...

They knew the technicians

from those companies

would visit natanz.

So they would infect

these companies

and then technicians

would take their computer

or their laptop or their USB...

That operator then goes down

to natanz

and he plugs in his USB key,

which has some code

that he needs to update

into natanz,

into the natanz network,

and now stuxnet

is able to get inside natanz

and conduct its attack.

These five companies

were specifically targeted

to spread stuxnet into natanz

and that it wasn't that... that

stuxnet escaped out of natanz

and then spread

all over the world

and it was this big mistake

and "oh, it wasn't meant

to spread that far

but it really did."

No, that's not the way

we see it.

The way we see it is that they

wanted it to spread far

so that they could get it

into natanz.

Someone decided that we're

gonna create something new,

something evolved,

that's gonna be

far, far, far more aggressive.

And we're okay, frankly,

with it spreading all over

the world to innocent machines

in order to go after

our target.

The Mossad had the role,

had the... the assignment

to deliver the virus

to make sure that stuxnet

would be put in place in natanz

to affect the centrifuges.

Meir dagan,

the head of Mossad,

was under growing pressure

from the prime minister,

Benjamin netanyahu,

to produce results.

Inside the roc,

we were furious.

The Israelis took our code for

the delivery system

and changed it.

Then, on their own,

without our agreement,

they just f***ing launched it.

2010 around the same time

they started killing

iranian scientists...

And they f***ed up

the code!

Instead of hiding,

the code started shutting down

computers,

so naturally, people noticed.

Because they were in a hurry,

they opened pandora's box.

They let it out

and it spread

all over the world.

Gibney:

The worm spread quickly

but somehow

it remained unseen

until it was identified

in Belarus.

Soon after,

Israeli intelligence confirmed

that it had made its way into

the hands

of the Russian

federal security service,

a successor to the kgb.

So it happened that the formula

for a secret cyber weapon

designed by

the U.S. and Israel

fell into the hands

of Russia

and the very country

it was meant to attack.

Kiyaei:
In international law,

when some country

or a coalition of countries

targets a nuclear facility,

it's a act of war.

Please, let's be frank here.

If it wasn't Iran,

let's say a nuclear facility

in United States...

Was targeted in the same way...

The American government

would not

sit by and let this go.

Gibney:
Stuxnet is an attack

in peacetime

on critical infrastructures.

Yes, it is. I'm...

Look, when I read about it,

I read it, I go,

"whoa, this is a big deal."

Yeah.

Sanger:
The people who were

running this program,

including Leon panetta,

the director of the CIA

at the time,

had to go down

into the situation room

and face president Obama,

vice president biden

and explain that this program

was suddenly on the loose.

Vice president biden,

at one point

during this discussion,

sort of exploded

in biden-esque fashion

and blamed the Israelis.

He said, "it must have been

the Israelis

who made a change

in the code

that enabled it to get out."

Richard Clarke:
President Obama

said to the senior leadership,

"you told me it wouldn't

get out of the network. It did.

You told me the iranians would

never figure out

it was the United States.

They did.

You told me it would have

a huge affect

on their nuclear program,

and it didn't."

Sanger:
The natanz plant is

inspected every couple of weeks

by the international atomic

energy agency inspectors.

And if you line up what

you know about the attacks

with the inspection reports,

you can see the effects.

Heinonen:
If you go to

the iaea reports,

they really show that all

of those centrifuges

were switched off

and they were removed.

As much as almost couple

of thousand got compromised.

When you put this

altogether,

I wouldn't be surprised

if their program got delayed

by the one year.

But go then to year 2012-13

and looking how the centrifuges

started to come up again.

Kiyaei:

Iran's number of centrifuges

went up exponentially,

to 20,000, with a stockpile

of low enriched uranium.

This isn't...

These are high numbers.

Iran's nuclear facilities

expanded

with the construction

of fordow

and other highly protected

facilities.

So ironically, cyber warfare...

Assassination of

its nuclear scientists,

economic sanctions,

political isolation...

Iran has gone through

"a" to "x"

of every chorus of policy

that the U.S., Israel,

and those who ally with them

have placed on Iran,

and they have actually made

Iran's nuclear program

more advanced today

than it was ever before.

Mossad operative:

This is a very

very dangerous

minefield that we are walking,

and nations who decide

to take these covert actions

should be taking

into consideration

all the effects,

including the moral effects.

I would say

that this is the price

that we have to pay in this...

In this war,

and our blade

of righteousness

shouldn't be so sharp.

Gibney:
In Israel

and in the United States,

the blade of righteousness

cut both ways,

wounding the targets

and the attackers.

When stuxnet infected

American computers,

the department

of homeland security,

unaware of the cyber weapons

launch by the NSA,

devoted enormous resources

trying to protect Americans

from their own government.

We had met the enemy

and it was us.

Sen Paul mcgurk:
The purpose of

the watch stations that

you see in front of you

is to aggregate the data

- coming in from multiple feeds

of what the cyber threats

could be,

so if we see threats

we can provide

real-time recommendations

for both private companies,

as well as federal agencies.

Male journalist:

Yep, absolutely. We'd be

more than happy to discuss that.

Female journalist:

Sen, is it...

Mcgurk:
Early July of 2010

we received a call

that said that this piece

of malware was discovered

and could we take a look at it.

When we first started

the analysis,

there was that

"oh, crap" moment, you know,

where we sat there and said,

Rate this script:0.0 / 0 votes