Random House. - Confront and conceal: Obamas secret wars and surprising use of American power

Copyright 2012 by David E. Sanger

All rights reserved.
Published in the United States by Crown Publishers, an imprint of the
Crown Publishing Group, a division of Random House, Inc., New York.
www.crownpublishing.com

CROWN and the Crown colophon are registered trademarks of
Random House, Inc.

Cataloging-in-Publication Data is on file with the Library of Congress.

eISBN: 978-0-307-71804-4

Maps: Mapping Specialists, Ltd.
Jacket design: Christopher Brand
Jacket photography: Getty Images

v3.1

For Sherill

T HE WORM WAS LOOSE .

That was the mystifying, disturbing news rippling through Fort Meade, the headquarters of the National Security Agency, and across the Potomac at the CIA. Now, on a midsummer day in 2010, Leon Panetta, the CIA director, and two men responsible for overseeing the most sophisticated, complex cyberattack the United States had ever launched against an adversary descended the steps into the White House Situation Room to tell President Obama and his national security team that something had gone badly awry. Americas most closely guarded covert operation targeting Irans nuclear programknown to a small circle of officials by its code name, Olympic Gameswas in jeopardy because of a careless error. Suddenly the malicious software Americans and Israelis spent years perfecting was being replicated across the Internet, and hackers had given it an ominous-sounding name: Stuxnet. The men knew they would face blistering questions in the Situation Room: Obama and his team would demand to know whether the mistake was fatal to their carefully designed plan to undermine Irans ability to produce nuclear fuel. The worm in question was a cyber worm, the product of years of cooperation between a small team of computer warriors at Fort Meade and their counterparts, half a world away, inside a military intelligence agency that Israel barely acknowledges exists.

For three years, Olympic Games had unfolded almost flawlessly. The Americans spent months devising the worm to strike directly at the tall, silvery centrifuges the Iranians were using to enrich uranium. To assess its powers, the Pentagon and intelligence agencies had quietly built a replica of Irans Natanz enrichment plant behind the high walls of the Energy Departments national laboratories. There they tested the worm, at one point taking the rubble of a destroyed centrifuge and dumping it on the conference table in the Situation Room for Obamas predecessor, George W. Bush. It was then that the Israelis and the Americans went to work, inserting the worm using a special technique that leaped the giant electronic moat the Iranians had built around their system to protect it from outside invaders. Versions of the worm were deployed through the end of the Bush presidency, and days before the handover, the forty-third president of the United States invited the forty-fourth to the White House for a one-on-one talk, in which Bush urged Obama to preserve two classified programs, the cyberattacks on Iran and the drone program in Pakistan. The Iranians, Obama was told, were still clueless about why their centrifuges were blowing up. Obama took Bushs advice.

For a new president with little patience for technological detail, Obama was deeply engaged in planning Americas covert attacks on Iran. After each major use of the new cyberweapon, Obama would meet in the Situation Room to assess the damageand the delay to Irans programwith the men overseeing Olympic Games. Often, they would bring with them the horse blanketa giant, foldout schematic diagram of Irans nuclear production facilities. Those meetings often ended with the presidents authorization to proceed with the next stepsometimes a strike riskier and bolder than what had been attempted previously. Perhaps not since Lyndon Johnson had sat in the same room, more than four decades before, picking bombing targets in North Vietnam, had a president of the United States been so intimately involved in the step-by-step escalation of an attack on a foreign nations infrastructure.

From his first days in office, he was deep into every step in slowing the Iranian programthe diplomacy, the sanctions, every major decision, one of the presidents senior aides said to me early in 2012. And its safe to say that whatever other activity might have been under way was no exception to that rule.

He was also acutely aware that with every attack he was pushing the United States into new territory. Only a few months into office, Obama was employing a remarkable offensive weapon whose future no one entirely grasped. At the same time it was Obama, more than any president before him, who was raising alarms about the need to harden Americas own infrastructure against hackers, other states, or even terrorists who were contemplating cyberweapons that could turn out the lights in New York and Los Angeles, crash the stock market, interfere with navigational satellites, or bring down the air traffic control system. The Chinese worked harder at cyber than anyone.

We discussed the irony, more than once, one of his aides confided in early 2012. Yet Obama believed that when it came to stopping Iran, the United States had no other choice. If Olympic Games failed, there would be no time and space for sanctions and diplomacy to work. The Israelis might well turn to a more primitive means of taking out Irans facilitiesan old-fashioned airstrikeand plunge the region into a war that the United States could not simply watch from the sidelines. Olympic Games was a new presidents best shot at avoiding a new war, just as he was trying to end two others.

But the luck surrounding the covert plan could not hold out. Something was going to go wrong eventually, and when it did, it was a pretty spectacular screw-up. That day, it fell to Panetta; his deputy, Michael Morell; and Gen. James Hoss Cartwright to bring this news to the president and figure out what to do next.

The cyberwarriors had been swinging for the fences, they explained. They had devised a new version of the worm to destroy a particularly hard-to-target group of just under one thousand centrifuges at Natanz, and had inserted the worm remotely. Then, something had gone wildly wrong: An Iranian scientist had plugged his laptop into the computer controllers and the worm had hopped aboard. When he later connected the same laptop to the Internet, the worm broke free and began replicating itself, a step its designers never anticipated.

We think there was a modification done by the Israelis, Obama was told during the briefing, according to one person who was present, and we dont know if we were part of that activity.

Now the worm was acting like a zoo animal that had discovered his caretaker had left the cage door ajar. Suddenly it was everywhere, digitally replicating at blazing speed, showing up on millions of computers in Iran, Indonesia, and India. So far, Obama was told, nothing had been traced back to the United States or Israel. The first account of the worms spread, written by a diligent computer-security blogger, reported that a sophisticated new strain of malicious software that piggybacks on USB storage devices was showing up around the globe. Within a day, Microsoft announced it was fixing a flaw in its Windows operating system that allowed the software to burrow into its architecture. But it was only a matter of time, Obama was told, before the code would be pulled apart and features of it used in other cyberweapons, including those aimed back at the United States.