“Nuclear Spy” Arrests: Remember Who Your Friends Are, Iran

As you may have heard, in response to the Stuxnet cyber attack on its nuclear program, Iran has been detaining Russian personnel working on Iran’s first nuclear reactor at Bushehr. Hence, “dozens of Russian nuclear engineers, technicians and contractors are hurriedly departing Iran for home since local intelligence authorities began rounding up their compatriots as suspects of planting the Stuxnet malworm into their nuclear program,” reports Israel’s DEBKAfile.

Hold on there, Tehran, don’t go off half-cocked. Chances are that, even if Stuxnet was transmitted via the Russians, whoever carried it is not to blame, unless that person was on the pad of the cyberwarring entity. Jason Fritz provides some perspective in Hacking Nuclear Command and Control, a paper commissioned by the ICNND (International Commission on Nuclear Nonproliferation and Disarmament) (emphasis added).

All computers which are connected to the internet are susceptible to infiltration and remote control. Computers which operate on a closed network may also be compromised by various hacker methods, such as privilege escalation, roaming notebooks, wireless access points, embedded exploits in software and hardware, and maintenance entry points. For example, e-mail spoofing targeted at individuals who have access to a closed network could lead to the installation of a virus on an open network. This virus could then be carelessly transported on removable data storage between the open and closed network.

The worm was initially spread to the Iranian computers using flash drives, which anyone could have infected. Tehran: remember who your friends are. When it comes to “crippling sanctions” and even an attack on your nuclear facilities, you don’t want to drive Russia into the full embrace of the West.