Snowden says U.S., Israel created Stuxnet virus


Whistleblower Edward Snowden told a German magazine that Israel and the United States created the Stuxnet computer virus that destroyed nuclear centrifuges in Iran. 

Snowden made the statement as part of an interview with the German news magazine Der Spiegel in which he answered encrypted questions sent by security software developer Jacob Appelbaum and documentary filmmaker Laura Poitras. Excerpts of the interview were published Monday on the Spiegel website.

Snowden was asked if the U.S. National Security Agency partners “with other nations, like Israel?” He responded that the NSA has a “massive body” responsible for such partnerships called the Foreign Affairs Directorate.

He also was asked,  “Did the NSA help to create Stuxnet?” Snowden responded, “NSA and Israel co-wrote it.”

Stuxnet in 2010 wrought havoc on equipment at Iran’s Natanz nuclear plant and complicated the manufacture of highly enriched uranium, which the West suspects is intended for making atomic weapons. The virus temporarily disabled 1,000 centrifuges being used by the Iranians to enrich uranium.

Snowden, a former technical contractor for the NSA and employee of the CIA, last month revealed the existence of mass surveillance programs by the United States and Britain against their own citizens and citizens of other countries.

He said Germany and most other Western nations are “in bed together” with the NSA.

Snowden said a private citizen would be targeted by the NSA based on Facebook or webmail content.

“The only one I personally know of that might get you hit untargeted are jihadi forums,” he said.

Snowden is a fugitive of the United States who is believed to be in Moscow’s Sheremetyevo Airport. Three Latin American countries — Venezuela, Nicaragua and Bolivia — have offered him asylum, NBC reported.

Researchers say Stuxnet was deployed against Iran in 2007


Researchers at Symantec Corp. have uncovered a version of the Stuxnet computer virus that was used to attack Iran's nuclear program in November 2007, two years earlier than previously thought.

Planning for the cyber weapon, the first publicly known example of a virus being used to attack industrial machinery, began at least as early as 2005, according to an 18-page report that the security software company published on Tuesday.

Stuxnet, which is widely believed to have been developed by the United States and Israel, was uncovered in 2010 after it was used to attack a uranium enrichment facility at Natanz, Iran. That facility has been the subject of intense scrutiny by the United States, Israel and allies, who charge that Iran is trying to build a nuclear bomb.

Symantec said its researchers had uncovered a piece of code, which they called “Stuxnet 0.5,” among the thousands of versions of the virus that they had recovered from infected machines.

Stuxnet 0.5 was designed to attack the Natanz facility by opening and closing valves that feed uranium hexafluoride gas into centrifuges, without the knowledge of the operators of the facility, according to Symantec.

The virus was being developed early as 2005, when Iran was still setting up its uranium enrichment facility, said Symantec researcher Liam O'Murchu. That facility went online in 2007.

“It is really mind blowing that they were thinking about creating a project like that in 2005,” O'Murchu told Reuters in ahead of the report's release at the RSA security conference, an event attended by more than 20,000 security professionals, in San Francisco on Tuesday.

Symantec had previously uncovered evidence that planning for Stuxnet began in 2007. The New York Times reported in June 2012 that the impetus for the project dated back to 2006, when U.S. President George W. Bush was looking for options to slow Iran's nuclear ambitions.

Previously discovered versions of Stuxnet are all believed to have been used to sabotage the enrichment process by changing the speeds of those gas-spinning centrifuges without the knowledge of their operators.

Since Stuxnet's discovery in 2010, security researchers have uncovered a handful of other sophisticated pieces of computer code that they believe were developed to engage in espionage and warfare. These include Flame, Duqu and Gauss.

Stuxnet 0.5 was written using much of the same code as Flame, a sophisticated virus that researchers have previously said was primarily used for espionage, Symantec said.

U.S., Israel developed Flame computer virus, according to anonymous Western officials


The United States and Israel jointly developed the Flame computer virus that collected intelligence to help slow Iran’s nuclear program, The Washington Post reported on Tuesday, citing anonymous Western officials.

The so-called Flame malware aimed to map Iran’s computer networks and monitor computers of Iranian officials, the newspaper said. It was designed to provide intelligence to help in a cyber campaign against Iran’s nuclear program, involving the National Security Agency, the CIA and Israel’s military, the Post said.

The cyber campaign against Iran’s nuclear program has included the use of another computer virus called Stuxnet that caused malfunctions in Iran’s nuclear enrichment equipment, the newspaper said.

Current and former U.S. and Western national security officials confirmed to Reuters that the United States played a role in creating the Flame virus.

Since Flame was an intelligence “collection” virus rather than a cyberwarfare program to sabotage computer systems, it required less-stringent U.S. legal and policy review than any U.S. involvement in offensive cyberwarfare efforts, experts told Reuters.

The CIA, NSA, Pentagon, and Office of the Director of National Intelligence declined to comment.

Flame is the most complex computer spying program ever discovered.

Two leading computer security firms – Kaspersky Lab and Symantec Corp – have linked some of the software code in the Flame virus to the Stuxnet computer virus, which was widely believed to have been used by the United States and Israel to attack Iran’s nuclear program. (Reporting By Mark Hosenball; Editing by Philip Barbara)

Hackers strike Israel again


An international group of pro-Palestinian hackers said they leaked the credit card details of thousands of Israelis in an escalation of cyber attacks on Israeli targets.

The group, called OpFreePalestine, claimed to have published online Thursday the details of 26,000 Israeli credit card holders.

Most of the list comes from a list posted in January by a Saudi hacker, Ynet reported. Many of the details are incorrect or partial, according to the report.

OpFreePalestine is part of Team Poison, which was founded two years ago with the goal of attacking Israeli and American targets online. It reportedly has hacked major websites, including high-tech companies and the computer systems of countries that have ties with Israel, according to Haaretz.

Pro-Palestinian and pro-Israeli hackers have been attacking each other on the Internet in recent weeks. Thousands of credit card details, mostly of Israelis, have been exposed, and the websites of Israeli targets such as the Tel Aviv Stock Exchange and two hospitals were shut down.

Israel concerned it may be under cyber attack


Israeli officials said on Friday they were concerned the country may be under cyber attack after a wave of credit card code thefts in the past week by a hacker who claims to be operating out of Saudi Arabia.

Credit card company officials said 14,000 numbers had been posted on line on Tuesday and another 11,000 on Thursday. However, they said some of the codes had expired and that the active cards were all being cancelled.

The hacker has identified himself as OxOmar and says he is part of a Saudi Arabian hacker team. In a post on Thursday he said he had leaked information about more than 400,000 Israelis and said the “Jewish lobby” was hiding the scale of the attack.

Israeli officials say the hacker has also released email addresses and passwords, but have yet to confirm where he is based.

“This incident should be treated as a cyber attack,” Justice Ministry official Yoram Hacohen told the Ma’ariv daily.

“When it comes to digital felonies committed outside the country, it is difficult to locate the perpetrator if he took the correct precautions,” Hacohen added.

The data theft was one of the worst that Israel has said it has faced, and while the financial damage was reportedly minimal, the breaches have heightened concerns about the potential use of stolen information by Israel’s enemies.

“These matters are worrisome,” Science and Technology Minister Daniel Hershkowitz told Israel Radio, calling the incident “a sample of the great danger out in cyberspace.”

He added that Israel had “impressive capabilities” and was setting up an agency to deal with the issue, as Prime Minister Benjamin Netanyahu pledged last year.

On the back of the credit card theft, a parliamentary committee has scheduled a session for the coming week to review Israel’s readiness to defend itself from cyber attacks.

“We must prepare to cope with cyber threats in anticipation of any attempts to use Internet terror to strike at Israel,” said lawmaker Ronit Tirosh, the committee chairwoman.

Some newspaper columnists speculated that hackers might be retaliating for recent attacks in Iran, including the mysterious Stuxnet computer virus that snarled its controversial nuclear computer systems.

“The peculiar incident we are facing could be a bad joke, a youthful prank, a hate-driven terror attack for beginners or the first stage in an Iranian cyber-terror attack,” commentator Ben Caspit wrote in Friday’s edition of Ma’ariv.

However, Hershkowitz dismissed such speculation, saying: “the imagination tends to soar.”

The hacker wrote in his Web post: “So, I’ve started thinking of sending all Israeli credit cards I own which reaches 1M data.”

“Enjoy it world! Purchase stuff for yourself online, buy anything you want,” he added.

Dov Kotler, CEO of Isracard, a unit of Bank Hapoalim , said 5,200 credit card numbers listed by the hacker on Thursday, belonged to his customers.

The thefts have dampened Internet sales in Israel, media reports said, though no figures were immediately available. Israeli reports have indicated that most of the information stolen had been gleaned from online commercial sites.

Editing by Crispian Balmer

New computer virus detected in Iran


A computer virus similar to the Stuxnet virus that attacked Iran’s nuclear program last year has been detected in Iran.

Iran said Sunday that it had found the Duqu computer virus in some Islamic Republic computer systems, but that it has been contained and neutralized, the head of Iran’s civil defense branch, Brig.-Gen. Gholamreza Jalali, told the Tehran Times.

Duqu is designed to gather data such as keystrokes from computer systems that will help it to launch future attacks on the systems, the Symantec company said in a report after the virus was discovered last month.

Stuxnet, the computer worm that some say set back Iran’s nuclear program by several months or years, affected some of Iran’s computer systems and centrifuges used to enrich uranium after it was released last year. The New York Times reported that it was a joint project of Israel and the United States. Iran had to replace 1,000 Stuxnet-damaged centrifuges at its main uranium enrichment plant at Natanz last year.

The report added that the creators of the Duqu program had access to the Stuxnet source code.

“Duqu is essentially the precursor to a future Stuxnet-like attack,” according to Symantec.

New Stuxnet-like computer virus discovered


A computer virus similar to the Stuxnet virus that attacked Iran’s nuclear program has been identified.

Duqu, with a malicious code similar to Stuxnet, was discovered on computer systems in Europe, the computer security firm Symantec said in a report issued Tuesday.

“Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose,” Symantec said in its report. “Duqu is essentially the precursor to a future Stuxnet-like attack.”

The report added that the creators of the Duqu program had access to the Stuxnet source code.

Stuxnet, the computer worm that some say has set back Iran’s nuclear program by several months or years, affected some of Iran’s computer systems and centrifuges used to enrich uranium after it was released last year. The New York Times reported that it was a joint project of Israel and the United States.

Iran had to replace 1,000 Stuxnet-damaged centrifuges at its main uranium enrichment plant at Natanz last year.

Duqu is designed to gather data such as keystrokes from computer systems that will help it to launch future attacks on the systems.