CBS: Stuxnet roots go back to Bush administration

Updated at 11:22 a.m. ET

The sophisticated cyberweapon which targeted an Iranian nuclear plant is older than previously believed, an anti-virus firm said Tuesday, peeling back another layer of mystery on a series of attacks attributed to U.S. and Israeli intelligence.

The Stuxnet worm, aimed at the centrifuges in Iran's Natanz plant, transformed the cybersecurity field because it was the first known computer attack specifically designed to cause physical damage. The precise origins of the worm remain unclear, but until now the earliest samples of Stuxnet had been dated to 2009.

Security experts generally agree that Stuxnet was an attempt to sabotage Iran's uranium enrichment centrifuges, which can be used to make fuel for reactors or weapons-usable material for atomic bombs. Iran maintains its nuclear program is for peaceful purposes.

s "60 Minutes" correspondent Steve Kroft reported last year, Stuxnet was incredibly complicated and sophisticated, beyond the cutting edge. By the time it was first detected in June 2010, it had been out in the wild for a year without drawing anyone's attention, and seemed to spread by way of USB thumb drives, not over the Internet.

By the fall of 2010, the consensus was that Iran's top secret uranium enrichment plant at Natanz was the target and that Stuxnet was a carefully constructed weapon designed to be carried into the plant on a corrupted laptop or thumb drive, then infect the system, disguise its presence, move through the network, changing computer code and subtly alter the speed of the centrifuges without the Iranians ever noticing, Kroft reported.

"Stuxnet's entire purpose is to control centrifuges," Liam O Murchu, an operations manager for Symantec, told Kroft. "To make centrifuges speed up past what they're meant to spin at and to damage them. Certainly it would damage the uranium enrichment facility and they would need to be replaced."

Last June, The New York Times traced the origins of the top-secret program back to 2006.

In a new report issued late Tuesday, Symantec Corp. pushed that timeline further back, saying it had found a primitive version of Stuxnet circulating online in 2007 and that elements of the program had been in place as far back as 2005.

One independent expert who examined the report said it showed that the worm's creators were particularly far-sighted.

"What it looks like is that somebody's been thinking about this for a long, long time — the better part of a decade," said Alan Woodward, a computer science professor at the University of Surrey. "It really points to a very clever bunch of people behind all of this."

he Times reported that President George W. Bush ordered the deployment of Stuxnet against Iran in a bid to put the brakes on its atomic energy program, detailing how the worm tampered with the operation of Natanz's centrifuge machines to send them spinning out of control.

President Obama, who succeeded Bush shortly after the first attacks, expanded the campaign, the report said.

Read THE REST OF THE  STORY HERE AT CBS

60 Minutes: Killing bin Laden

Iran claims to have downed another drone

TEHRAN, Iran — Iran's powerful Revolutionary Guard said Saturday that it had captured a foreign unmanned aircraft during a military exercise in southern Iran.

Gen. Hamid Sarkheili, a spokesman for the military exercise, said the Guard's electronic warfare unit spotted signals indicating that foreign drones were trying to enter Iranian airspace. Sarkheili said Guard experts took control of one drone's navigation system and brought it down near the city of Sirjan where the military drills began on Saturday.

"While probing signals in the area, we spotted foreign and enemy drones which attempted to enter the area of the war game," the official IRNA news agency quoted the general as saying. "We were able to get one enemy drone to land."

Sarkheili did not say whether the drone was American.

In Washington, a CIA spokeswoman declined to comment on the report.

Iran has claimed to have captured several U.S. drones, including an advanced RQ-170 Sentinel CIA spy drone in December 2011 and at least three ScanEagle aircraft.

State TV said the Guard's military exercise, code-named Great Prophet-8, involved ground forces of the Guard, Iran's most powerful military force. State TV showed tanks and artillery attacking hypothetical enemy positions. He said various systems, including unmanned planes that operate like suicide bombers, were tested.

READ THE REST OF THE STORY AT HUFF POST

F-35s grounded due to cracked engine blades

(Reuters) - The Pentagon on Friday suspended the flights of all 51 F-35 fighter planes after a routine inspection revealed a crack on a turbine blade in the jet engine of an F-35 test aircraft in California.

It was the second grounding of the warplane in two months and marked another setback for the $396 billion F-35 Joint Strike Fighter program, the Pentagon's biggest weapons program. The program has already been restructured three times in recent years and may face further cutbacks if Congress does not avert major budget reductions due to take effect on March 1.

The F-35 program office said it was too early to know if this was a fleet-wide issue, but it was suspending all flights until an investigation was completed. A total of 51 F-35 jets were affected, including 17 that are being used for testing and 34 in use for training in Florida and Arizona.

It said it was working closely with Pratt & Whitney, the United Technologies Corp unit that builds the engine, and Lockheed Martin Corp, the prime contractor for the radar-evading warplane, to ensure the integrity of the engine and return the F-35 fleet to flight as soon as possible.

The Pentagon's F-35 program office began notifying the chiefs of the U.S. Air Force, Navy and Marine Corps late on Thursday about the engine issue and decision to ground the planes, said Kyra Hawn, a spokeswoman for the program office.

She said that a routine inspection at Edwards Air Force Base in California on February 19 revealed a crack on a low pressure turbine blade that is part of the F-35's F135 engine. The blade was on an F-35 A-model, or Air Force variant, which takes off and lands from conventional runways.

Pratt spokesman Matthew said the inspection showed "an indication of a crack" on the third stage low pressure turbine airfoil. He said the company was working closely with the Pentagon, Lockheed and the military services to get the planes flying again.

Engineering teams are removing the turbine blade from the plane and plan to ship it to Pratt's engine facility in Middletown, Connecticut, for more thorough evaluation and root cause analysis, according to the Pentagon and Pratt.

Hawn said an initial analysis was expected next week.

Sandia airborne pods seek to trace nuclear bomb’s origins

Modular units crossing “Valley of Death” for Air Force use

ALBUQUERQUE, N.M. — If a nuclear device were to unexpectedly detonate anywhere on Earth, the ensuing effort to find out who made the weapon probably would be led by aircraft rapidly collecting airborne radioactive particles for  analysis.

Sandia National Laboratories researchers prepare pods that, airborne, will track radiation to its source and analyze particulates and gases to identify a nuclear bomb's origins. (Photo by Randy Montoya). Click on the thumbnail for a high-resolution image.

Relatively inexpensive unmanned aerial vehicles (UAVs) — equipped with radiation sensors and specialized debris-samplers — could fly right down the throat of telltale radiation over a broad range of altitudes without exposing a human crew to hazards.

A Sandia National Laboratories-developed airborne particulate-collection system demonstrated those kinds of capabilities in the blue skies above Grand Forks Air Force Basein Grand Forks, N.D., in late September. Dubbed “Harvester” for obvious reasons, the system “tasted” the atmosphere with two particulate sampling pods. A third pod would provide directional guidance for a real event by following the trail of gamma radiation.

The three pods, with additional hardware, software and ground-control equipment, are expected take their place on aircraft in the Air Force’s investigatory arsenal in the next few years.

When they do so, they will have traversed the infamous technological “Valley of Death,” in which many promising researched and developed ideas die before reaching production.

The successful Grand Forks demonstration was part of a formal Department of Defense (DoD) Joint Capability Technology Demonstration (JCTD) that mated the Harvester modular pods to the long wings of a Department of Homeland Security Customs and Border Protection-provided MQ-9 Reaper UAV. (The Reaper is a more powerful cousin of the better-known Predator.)

A researcher checks air flow in the Harvester particulate sampling pod. (Photo by Randy Montoya.) Click on the thumbnail for a high -resolution image.

While the tests did not include any radioisotope releases, the pods were able to collect and identify naturally occurring radioisotopes of lead and bismuth produced from the radioactive decay of atmospheric radon. In addition, radioactive beryllium-7 produced from cosmic ray-induced break-up (spallation) of naturally occurring carbon-14, also showed up on the filters, providing a uniform measure for debris distribution.

The modular pods eliminate the need for costly, permanent aircraft modifications that would limit the number of aircraft platforms on which Harvester can be flown.

“There’s a high likelihood the Air Force will make Harvester operational in 2014 to augment its current manned aircraft collection capability,” said Sandia project lead Joe Sanders. “For maximum responsiveness, we continually engaged with the Air Force to address its technological and operational needs throughout the project.”

The Harvester’s Directional Gamma Radiation Sensor (DGRS) helps guide the aircraft toward the radioactive plume using four large sodium iodide radiation detectors and a complex processing algorithm. The Harvester equipment operator informs the pilot, located far away in a UAV ground control station, to fly toward the plume’s “hot spot.”

“The operator will see a vector that shows peak plume intensity up and to the right, let’s say,” Sanders said. “It’s the equivalent of a guide saying, ‘You’re getting warmer.’”

Air passes through the samplers, each about the size of a small snowmobile, as the Reaper cruises at 200 mph. This rams particles into filter paper like light hitting a photographic plate, causing the particles to stick to the filter fibers. A separate radiation sensor analyzes the filter in real time to estimate the type and quantity of radioactive particles collected. More extensive examination of the filters occurs after the aircraft has landed.

The radiation sensor (smaller pod) and Harvester sampling pods ready for a UAV test flight at a U.S. air base. (Photo by Joe Sanders) Click on the thumbnail for a high-resolution image.

Because gas analysis can complement particle analysis, Sandia is developing a third type of pod called the Whole Air Sampling Pod (WASP) to demonstrate the feasibility of collecting multiple, large-volume air samples that can be analyzed for radioactive gases. Radioxenons, radioisotopes of the noble gas xenon, if detected, can provide a tell-tale indication of a nuclear detonation.

“While not small, the 9-foot-long, 650-pound WASP is designed to be compatible with an MQ-9 Reaper UAV,” Sanders said. “WASP has not yet been flight-tested but has performed well in the laboratory, and the DoD’s interest in modular gas sampling is growing. We look forward to demonstrating the WASP technology, and expect that it will also cross the Valley of Death.”

Harvester was developed by Sandia with support from the Albuquerque office of National Technical Systems, an international engineering firm. The early research and development phase was funded by the National Nuclear Security Administration’s Office of Nonproliferation Research and Development. The later development and qualification phase was funded by the Defense Threat Reduction Agency and the Office of the Secretary of Defense’s Acquisition, Technology and Logistics Rapid Fielding Office as part of the JCTD.

---

Sandia National Laboratories is a multi-program laboratory operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin company, for the U.S. Department of Energy’s National Nuclear Security Administration. With main facilities in Albuquerque, N.M., and Livermore, Calif., Sandia has major R&D responsibilities in national security, energy and environmental technologies and economic competitiveness.

Sandia news media contact:  Neal Singer,  nsinger@sandia.gov,  (505) 845-7078