We’re Slowly Starting to See U.S.’ Cyber Weapons

For years now, Defense Department officials have refused to discuss the details of the Pentagon’s offensive capabilities in the cyber arena, even as they railed against all the cyber attacks against the United States’ ever-vulnerable networks.

It seems, however, that the Pentagon is happy to let actions speak for it. Earlier this spring, news reports emerged saying that it was indeed the U.S. and Israel who were behind the Stuxnet worm that famously wreaked havoc on Iran’s attempts to enrich uranium for its nuclear program. That worm was designed to make its way across computer networks around the globe before infiltrating the specific type of Siemens-made SCADA computer that controlled the speeds at which Iran’s uranium enrichment centrifuges spun. Once inside said computers, the infamous worm reprogrammed the centrifuges to spin at the wrong speeds, wrecking the enrichment process.

At its time, Stuxnet was considered one of the most sophisticated cyber-weapons ever discovered. It was so sophisticated that analysts speculated that it had to have been made by an organization with the backing of significant government and/or corporate resources.

Well, as you know, Stuxnet has just been topped in sophistication by another American and Israeli-made virus that targeted Iran’s nuclear program. Flame.

So it seems that the virus that has been described as ushering in a new era of cyber-warfare by experts at places like Kaspersky Labs was one of the U.S.’ cyber weapons.

As we wrote last month:

showing that it can take snapshots of an infected computer’s display screen, record audio conversations using the computer’s microphones as well as steal normal computer files.

However, it can also be remotely re-programmed to switch from intel-gathering to offensive mode, turning itself into a cyber weapon capable of disrupting its targets’ basic functions, much like the Stuxnet virus did to Iran’s Uranium enrichment centrifuges.

All of these advanced features in one worm led Internet security firm Kaspersky to call the arrival of Flame, “another phase in this [cyber] war, and it’s important to understand that such cyber weapons can easily be used against any country. Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”

Or as former DT cyber writer Kevin Coleman quoted another analyst as saying, “Flame redefines cyber espionage, it makes all the other software in that category look like cheap toys!”

What’s most impressive — or scary — is that, according to the Washington Post, Flame — which has been hiding out there undiscovered for years as a routine Microsoft software update — is just the tip of the iceberg in a massive cyber espionage effort against Iran.


The massive piece of malware secretly mapped and monitored Iran’s computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials.

The effort, involving the National Security Agency, the CIA and Israel’s military, has included the use of destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear-enrichment equipment.

The emerging details about Flame provide new clues to what is thought to be the first sustained campaign of cyber-sabotage against an adversary of the United States.

“This is about preparing the battlefield for another type of covert action,” said one former high-ranking U.S. intelligence official, who added that Flame and Stuxnet were elements of a broader assault that continues today. “Cyber-collection against the Iranian program is way further down the road than this.”

Who knows what other types of cyber weapons we’ll see coming from the U.S. or what types of weapons will now be unleashed on the U.S. Remember, reality can often be stranger than fiction. However, as impressive and worrisome as these cyber weapons may be, they might just be playing a role in reducing the risk of a potentially much more destructive shooting war breaking out, as the Post points out.

The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions.


  • Black Owl

    I remember reading somewhere that a Chinese general was interviewed on cyber weapons and cyber warfare. One of the things he said during the interview was that although China had made significant advances, the Americans are still getting the most information and they are still the best at cyber warfare.

    • TomUK

      The word ‘boomerang’ comes to mind. If you initiate and thereby legitimate such actions, expect the eventual results. (And it’s rather a foolish idea, given the dependency of much of ‘Western’ infrastructure on computers).

      • JackBlack

        First test = let it in the wild = make it publicly available online, see what happens.
        Yeah leak, right, pipe leaked.

      • Jeff M

        I don’t think most of the world realizes how big of a threat they are. It’s worse than backyard nuclear weapons. A smart hacker could design a cyber-weapon that wiped out every computer on earth. The ones that’re really intriguing to me are phone malware, I can picture a game of “climb the ladder” where a hacker infiltrates someone’s phone and with the aid of voice synthesis can BE that person, and passes the malware from handset to handset. Even if this phone malware is delivered via bluetooth or direct contact it’s still a major threat. Your phone knows EVERYTHING about you, the camera, the microphone, the onboard “sigint package.”

    • Edward

      Chinese no tell US how powder works. Let US believe China behind. Chinese intelligent, no make mistake.

      • Steven Oliver

        Racist and hilarious! I love it!

  • Matthew

    Loose lips sink ships. I agree with the boomerang comment. Time will tell.

  • dfor

    One of the most fascinating aspects about this subject is how cyber-weapons are usually a one-off capability, like China’s rocket forces. So the real challenge, it appears to me, is continuously finding new exploits that the enemy will not expect. In other words, I think surprise can be far harder to achieve in the cyber domain than in RL, but when it works, it works fine. Just fine.

    • NathanS

      Think of them like spies. Sometimes their cover gets blown, and their means of entry is discovered. It just means that other ways of disclosing their identity and other means of entry will have to be found. With the complexity and fast progression of technology, this is actually relatively easy. New exploits are discovered daily.

      As mentioned in the article, Flame has been there undiscovered for years. So it’s probably been quite successful. I do not believe for a second that these are the only cyber-warfare assets that the US / Israel have deployed.

      It’s believed that the Chinese have potentially compromised thousands of machines that they use to mask the origin of attacks, and also use as a platform to launch denial of service attacks.

      • dfor

        An interesting thought, however–what if software progresses to the point where code-checking programs render such exploits far less common?

    • Jeff M

      When I first heard about Stuxnet, I predicted the existence of something like Flame, something even more powerful and used for general espionage. Stuxnet and Flame are a derivative of a larger suite of malware that is evolving. Think drone aircraft, you can load it up with bombs, sensors, fuel tanks, etc. Stuxnet was only a one-off because it was designed that way. Flame is what I expected it to be, a swiss-army knife of espionage tools to complement the stealth, precision “weapons” like Stuxnet.

  • Rohan

    Thats toooo slow to be from our part….lets make it fast……we are relying on 6G !!!

  • mehrdad

    Why expose all these kinds of information to our sworn enemies? The more information we give, the less safe we will be at home. That’s a big mistake the Obama administration is doing and did in the past.

    • Rohan

      EXACTLY ……..

    • Joeblow

      Right… because it’s not like the Iranians don’t already suspect Israel and the U.S. of being behind Stuxnet.

      I’d like to know just how the Iranians knowing we’re behind Stuxnet makes us less safe at home?

    • Bobby

      Shouldnt u be helping India out of poverty

    • shawn1999

      You only tell the enemy what you are doing when you:
      1) Are bluffing to get them to act in a manner you want them to
      2) Are distracting them from what you are REALLY doing (for example, you want them to stop looking for a bigger asset, so you “let” them find a smaller asset instead)
      3) Have already made it obsolete and moved on to something better (in which case, it makes a great target decoy for #2)

  • R.Confused

    Wow. Did everybody miss the big point here? I have suspected for some time this might be a possibility:

    “which has been hiding out there undiscovered for years as a routine Microsoft software update”

    I guess since Google has climbed in bed with the NS@, Microsoft felt jealous and climbed into bed with the DoD.

    My guess is that Microsoft has the ability to place selected software updates via auto-updating to individual computer systems, since they know and can verify specific hardware their software is installed on.
    The question is how many other government agencies are using this method to upload spyware on computers of people (and or citizens) they want to keep track of via spyware upload under the disguise of a M$-software security update patch it sends out monthly.
    Since nobody in any country would suspect M$ of doing something like this. (All of this under a presidential executive order that bypasses all legal pathways that might question the procedure, thus protecting M$ from future legal claims.)


    • JackBlack

      Exclude Germany where brains still work, read Heise.de.

    • joe

      Well, if ‘cyber attack’ can be defined as ’cause a computer to completely lock up for no readily apparent reason’, I must admit Microsoft to be one of the most experienced organisations in the world.

      • Thomas L. Nielsen

        That reminds me of this one (an oldie, but a goodie):

        Why Windows is not a virus:

        1. Viruses replicate quickly – okay, Windows does that.

        2. Viruses use up valuable system resources, slowing down the system as they do so – okay, Windows does that as well.

        3. Viruses will, from time to time, trash your hard disk – okay, so Windows does that too.

        4. Viruses are usually carried, unknown to the user, along with valuable programs and systems. Sigh… Windows as well.

        5. Viruses will occasionally make the user suspect their system is too slow (see pt. 2) and the user will buy new hardware. Yup, that’s Windows again.

        6. Viruses are well supported by their authors, run on most systems, their program code is fast, compact and efficient and they tend to become more sophisticated as they mature. THIS IS WHY WINDOWS IS NOT A VIRUS!

        Regards & all,

        Thomas L. Nielsen

    • Gridlock

      You’re close, in that it is a big deal – but the attackers counterfeited a digital certificate that made the virus look like MS-signed code, and fiddled with the local network so windowsupdate.microsoft.com was their bitch. One auto-update later and all the local machines are infected.

      900 million PCs check in with MS each month. Subverting this has been an antivirus nightmare for years, and it has now been proven possible.

  • Matt

    Resistance is futile

  • Pilgrimman

    I’m afraid I can’t let you do that, Iran.

  • Tom Hendricks

    Cyber attack against other countries by US is terrorism at highest level. But nobody calls it terrorism because it’s done by US.

    We might want to ask ourselves why that is?!
    When hizbollah? attack they are called terrorist. But when terrorist attack in Syria they are rebels in western media.

    I believe in Yin and Yang and right now there is 2 much Yang from our side and it can only go the other way.

    • Josh

      You might want to look up the definition of terrorism before you make statements like that. Just saying…

    • O.J. Sampson

      By definition an act of terrorism is warfare waged on a civilian population. Stuxnet and Flame do not exactly fall into that category. This attack can be more accurately described as an act of war, however, there is no governing legislation regarding cyber warfare written by any national or international body. Therefore, it even fails to meet the “legal” definition of an act of war. Unfortunately, these attacks – right or wrong – fall into the legal abyss that allows governments to act unimpeded.

      • Josh

        Well said

      • NathanS

        When CIA caused the trans-Siberian gas pipeline disaster in 1982, was this an act of war?

        The term “Cyber-warfare” is slightly misleading, as it has nothing to do with war as in bombs and bullets. Its lineage is actually from that of spying and espionage.

        • O.J. Sampson

          Snooping on someone’s computer networks is pure espionage. When these programs begin to cause physical damage to an enemy’s military, political, and/or economic infrastructures they become kinetic strikes. In this example the delivery system for our bombs or bullets was a pc virus. The only difference is that the laws of war are currently several years behind today’s technologies.

    • STemplar

      We get to ask ourselves these questions though. In China freedom is banned word in search engines. In Iran they have installed surveillance cameras in coffee shops. You might want to ask yourself do you want to win or lose against those kinds of mentalities and quit the silly moral equivocation crap.

    • Anthony

      Want to know the difference Tom, it’s that IF this occurred, it was purely defensive. We have as many nuclear weapons as anyone in the world, but you won’t see us letting them loose. The second Iran has one, the auction begins…think about what you’re saying.

  • Lance

    Good let the Cyber Command send Iran’s economy to the same century as its society is the 5th century!!!!!

    • Hear the truth

      You really are ignorant. In Iran women can drive what about Saudi Arabia where women are banned from driving where’s your brain then. It seems you’ve been brainwashed by the controlled news/media to think bad of a country where you’ve never been and to like a country like Saudi which is the one behind the times. Open your eyes and wake up to reality

  • Joshua

    This article put a smile on my face.

  • ltfunk2

    With the US government getting into the cybercrime business the effect on our software industry will be very bad.

    Why would you buy Microsoft phones and tablets when they simply let the IRS and government agencies snoop around your company at will.

    At the same time with so much more cash available for exploits if you are a Microsoft employee in India and you aren’t putting in some extra exploits into MS code and selling it you are one of the slow ones.

    We could have had a massive industry selling electronic services to the world. But that is going to die now because you can’t turn a market into a battlefield and your customers into enemies and expect the industry to survive.

  • longshadow

    We just handed the world a polished malware management framework that can be used to jumpstart cyber warfare capabilities. Duqu, Stuxnet, and Flame are the new ‘baseline’ and there isn’t any reason why a state or private actor can’t produce and deploy their own variant in a matter of months.

    The real question is what are they going to do to US now that our enemies and fringe actors have reliable cyber warfare capabilities?..

    • Josh

      I highly doubt we would have used these capabilities if we didn’t know how to counter them and we obviously know that people are going to use these as the building block for complex attacks. That kind of stuff always comes into consideration before you release something. It would be beyond stupid for us to use a weapon like this and not be able to protect ourselves from the backlash of people using the source weapon, or their own modified version. Don’t forget that a lot of the technologies you see today have been classified for sometimes decades before they are made public. And 90% of the time the reason they are made public is bigger, better, and more capable systems are already in use or being worked on. Flame pre-dated Stuxnet, and if we’re just seeing Flame now I’m sure there are even more capable and at the same time scarier things in the cyber warfare bag of tricks

  • Joe

    We are at the Manhattan Project stage of cyber weapon development. The thing that worries me is proliferation of this stuff.

    Code does not get unwritten. This could be a MAJOR leveler of the conflict playing field.

  • leeretarmy

    What the hell happened to OPSEC

    • blight_

      Consider Kaspersky Labs isn’t a branch of the US government (if anything, they are a Russian company), what OPSEC?

      As for Washington Post, it would depend on who is talking. Then again, considering Kaspersky isolated the virus and decompiled the binaries, the source code itself will tell you everything you needed to know about its capabilities.

  • longshadow

    There is no such thing as OPSEC for this kind of thing. All it takes is one person somewhere in the world to find and capture an instance of the software and then the secret is out.

  • anthony

    Nobody likes to go thru another’s meltdown destroying our earth!!