Over a year ago, Reuters published a story which clairvoyantly outlined Stuxnet, the Israeli strategy that might’ve created it, and even speculated on the means of delivering the worm which turned out to be prescient:
…Cyberwarfare…is seen by independent experts as the likely new vanguard of Israel’s efforts to foil the nuclear ambitions of its arch-foe Iran. The appeal of cyber attacks was boosted, Israeli sources say, by the limited feasibility of conventional air strikes on the distant and fortified Iranian atomic facilities, and by US reluctance to countenance another open war in the Middle East.“We came to the conclusion that, for our purposes, a key Iranian vulnerability is in its on-line information,” said one recently retired Israeli security cabinet member, using a generic term for digital networks. “We have acted accordingly.”
Cyberwarfare teams nestle deep within Israel’s spy agencies, which have rich experience in traditional sabotage techniques and are cloaked in official secrecy and censorship. They can draw on the know-how of Israeli commercial firms that are among the world’s hi-tech leaders and whose staff are often veterans of élite military intelligence computer units.
“To judge by my interaction with Israeli experts in various international forums, Israel can definitely be assumed to have advanced cyber-attack capabilities,” said Scott Borg, director of the US Cyber Consequences Unit, which advises various Washington agencies on cyber security.
Technolytics Institute, an American consultancy, last year rated Israel the sixth-biggest “cyber warfare threat,” after China, Russia, Iran, France and “extremist/terrorist groups.”
Asked to speculate about how Israel might target Iran, Borg said malware — a commonly used abbreviation for “malicious software” — could be inserted to corrupt, commandeer or crash the controls of sensitive sites like uranium enrichment plants.Such attacks could be immediate, he said. Or they might be latent, with the malware loitering unseen and awaiting an external trigger, or pre-set to strike automatically when the infected facility reaches a more critical level of activity.
As Iran’s nuclear assets would probably be isolated from outside computers, hackers would be unable to access them directly, Borg said. Israeli agents would have to conceal the malware in software used by the Iranians or discreetly plant it on portable hardware brought in, unknowingly, by technicians.
“A contaminated USB stick would be enough,” Borg said.