"Through the darkness of the pathways that we marched," "evil and good lived side by side." "And this is the nature of..." "Of life." "Wearein an unbalanced andinequivalentconfrontation betweendemocracies whoareobliged toplayby therules andentitieswhothink democracyisajoke." "You can't convince fanatics by saying, "hey, hatred paralyzes you, love releases you."" "There are different rules that we have to play by." "Female newsreader:" "Today, two of Iran'stopnuclearscientists weretargetedby hitsquads." "Female newsreader 2:" "...InthecapitalTehran." "Male newsreader: ..." "The latest ina stringof attacks." "Female newsreader 3:" "Today's attackhasallthe hallmarks ofmajorstrategicsabotage." "Female newsreader 4:" "Iranimmediatelyaccused theU.S.andIsrael oftryingto damage itsnuclearprogram." "Mahmoud ahmadinejad:" "I want to categorically deny any United States involvement in any kind of act of violence inside Iran." "Covert actions can help, can assist." "They are needed, they are not all the time essential, and they, in no way, can replace political wisdom." "Alex gibney:" "Were the assassinations in Iran related to the stuxnet computer attacks?" "Uh, next question, please." "Male newsreader:" "Iran'sinfrastructure isbeingtargeted bya newanddangerously powerfulcyberworm." "The so-called stuxnet worm is specifically designed, it seems, to infiltrate and sabotage real-worldpowerplants andfactoriesandrefineries." "Male newsreader 2:" "It's not tryingtostealinformation orgrabyourcreditcard , they'retryingto getinto somesortof industrialplant andwreakhavoctrying toblowup an engineor..." "Male newsreader 3:" "Male newsreader 4:" "Nooneknows who'sbehindtheworm andtheexactnature ofitsmission, buttherearefearsIran  willholdIsrael orAmericaresponsible andseekretaliation." "Male newsreader 5:" "It'snotimpossiblethat somegroupof hackersdid it,  butthesecurityexperts thatarestudyingthis reallythinkthisrequired the resource of a nation-state." "Man:" "Okay, and spinning." "Gibney:" "Okay, good." "Here we go." "What impact, ultimately, did the stuxnet attack have?" "Can you say?" "I don't want to get into the details." "Gibney:" "Since the event has already happened, why can't we talk more openly and publicly about stuxnet?" "Yeah, I mean, my answer is because it's classified." "I..." "I won't knowledge..." "You know, knowingly offer up anything i consider classified." "Gibney:" "I know that you can't talk much about stuxnet, because stuxnet is officially classified." "You're right on both those counts." "Gibney:" "But there has been a lot reported about it in the press." "I don't want to comment on this." "I read it in the newspaper, the media, like you, but I'm unable to elaborate upon it." "People might find it frustrating not to be able to talk about it when it's in the public domain, but..." "Gibney:" "I find it frustrating." "Yeah, I'm sure you do." "I don't answer that question." "Unfortunately, i can't comment." "I do not know how to answer that." "Two answers before you even get started, I don't know, and if I did, we wouldn't talk about it anyway." "Gibney:" "How can you have a debate if everything's secret?" "I think right now that's just where we are." "No one wants to..." "Countries aren't happy about confessing or owning up to what they did because they're not quite sure where they want the system to go." "Andsowhoever wasbehindstuxnet hasn'tadmitted theywerebehindit." "Gibney:" "Askingofficialsaboutstuxnet wasfrustratingandsurreal, likeaskingtheemperor abouthisnewclothes." "Evenafterthecyberweapon hadpenetratedcomputers allovertheworld, noonewaswilling toadmitit wasloose ortalkabout thedangersit posed." "Whatwasit about thestuxnetoperation that was hiding in plain sight?" "Maybetherewasaway thecomputercode couldspeakforitself." "Stuxnetfirstsurfaced inBelarus." "Istartedwithacall  tothemanwho discoveredit whenhisclientsinIran  begantopanic overanepidemic ofcomputershutdowns." "Had you ever seen anything quite so sophisticated before?" "Eric chien:" "Ona dailybasis,basically wearesiftingthrough amassivehaystacklookingfor thatproverbialneedle." "We get millions of pieces of new malicious threats and there are millions of attacks going on every single day." "And only way are trying to protect people and their computers and..." "And their systems and countries' infrastructure from being taken down by those attacks." "But more importantly, we have to find the attacks that matter." "When you're talking about that many, impact is extremely important." "Eugene kaspersky:" "Twenty years ago,theantiviruscompanies, they were hunting for computer viruses because there were not so many." "So we had, like, tens of dozens a month, and there was just little numbers." "Now, we collect millions of unique attacks every month." "Vitaly kamluk:" "This room we call awoodpecker'sroom ora viruslab, and this is where virusanalystssit." "Wecallthemwoodpeckers becausetheyare peckingtheworms, networkworms,andviruses." "Andwesee,like,three differentgroupsof hackers behind cyber-attacks." "They are traditional cyber criminals." "Those guys are interested only in illegal profit." "And quick and dirty money." "Activists,orhacktivists, theyarehackingfor fun  orhackingto push somepoliticalmessage." "Andthethirdgroup isnation-states." "They'reinterestedin  high-qualityintelligence orsabotageactivity." "Chien:" "Security companies notonlyshareinformation butwealsoshare binarysamples." "Sowhen thisthreatwasfound bya Belarusian securitycompany ononeof theircustomer's machinesinIran, thesamplewassharedamongst thesecuritycommunity." "When we try to name threats, we just try to pick some sort of string, some sort of words, thatareinside ofthebinary." "Inthiscase,therewas acoupleof wordsinthere andwetookpiecesofeach,  andthatformedstuxnet." "I got the news about stuxnet from one of my engineers." "He came to my office, opened the door, and he said, "so, Eugene, of course you know that we are waiting for something really bad." "It happened."" "Gibney:" "Give me some senseofwhatitwaslike in the lab at that time." "Was there a palpable sense of amazement that you had something really different there?" "Well, I wouldn't call it amazement." "It was a kind of a shock." "It went beyond our worst fears, our worst nightmares, and this continued the more we analyzed." "The more we researched, the more bizarre the whole story got." "We look at so much malware every day that we can just look at the code and straightaway we can say," ""okay, there's something bad going on here, and I need to investigate that."" "And that's the way it was when we looked at stuxnet for the first time." "We opened it up and there was just bad things everywhere." "Just like, okay, this is bad and that's bad, and, you know, we need to investigate this." "And just suddenly we had, like, a hundred questions straightaway." "Themostinterestingthing thatwedo is detectivework wherewetrytotrackdown who'sbehindathreat, whataretheydoing, what'stheirmotivation, andtryto reallystopit attheroot." "Anditis kindof all-consuming." "Yougetthisnew puzzle andit'sverydifficult toputit down, youknow,workuntil,like , 4:00amin themorning andfigurethesethingsout." "AndI wasin thatzonewhere Iwasveryconsumedbythis,  veryexcitedaboutit,  veryinterestedto know whatwashappening." "AndEricwasalso inthatsamesortofzone." "Sothetwoofuswere, like,  backandforthall the time." "Chien:" "Liam and I continued togrindat thecode, sharingpieces, comparingnotes, bouncingideas offofeachother." "Werealizedthat weneededto do  whatwecalleddeepanalysis, pickapartthethreat, everysinglebyte, everysinglezero,one , andunderstandeverything thatwasinsideofit." "Andjustto giveyou  somecontext, we can go through and understand every line of code for the average threat in minutes." "And here we are one month into this threat and we were just starting to discover what we call the payload or its whole purpose." "Whenlookingat  thestuxnetcode, it's20timesthe size oftheaveragepieceofcode butcontainsalmost nobugsinsideofit." "Andthat'sextremelyrare." "Maliciouscodealwayshas  bugsinsideof it ." "Thiswasn'tthecase withstuxnet." "It'sdenseandeverypiece ofcodedoessomething anddoessomethingright in order to conduct its attack." "Oneofthethingsthat  surprisedus wasthatstuxnet utilizedwhat'scalled a zero-day exploit, or basically, a piece of code that allows it to spread without you having to do anything." "You don't have to, for example, download a file and run it." "A zero-day exploit is an exploit that nobody knows about except the attacker." "So there's no protection against it." "There's been no patch released." "There's been zero days protection, you know, against it." "That'swhatattackersvalue, becausetheyknow100 percent iftheyhave thiszero-dayexploit, theycangetin wherevertheywant." "They'reactually veryvaluable." "Youcansellthese ontheunderground forhundreds ofthousandsof dollars." "Chien:" "Thenwebecamemoreworried becauseimmediatelywe  discoveredmorezerodays." "And again, these zero days are extremely rare." "Inside stuxnet we had, you know, four zero days, and for the entire rest of the year, we only saw 12 zero days used." "It blows all... everything else out of the water." "We've never seen this before." "Actually, we've never seen it since, either." "Seeing one in a malware you could understand because, you know, the malware authors are making money, they're stealing people's credit cards and making money, so it's worth their while to use it," "but seeing four zero days, could be worth half a million dollars right there, used in one piece of malware, this is not your ordinary criminal gangs doing this." "This is..." "This is someone bigger." "It's definitely not traditional crime, not hacktivists." "Who else?" "It was evident on a very early stage that just given the sophistication of this malware..." "Suggested that there must have been a nation-state involved, at least one nation-state involved in the development." "When we look at code that's coming from what appears to be a state attacker or state-sponsored attacker, usually they're scrubbed clean." "They don't... they don't leave little bits behind." "They don't leave little hints behind." "Butinstuxnet therewereactually afewhintsleftbehind." "Onewasthat,inorderto getlow-levelaccess toMicrosoftwindows, stuxnetneededto use adigitalcertificate, whichcertifiesthat thispieceof code camefrom aparticularcompany." "Now, those attackers obviously couldn't go to Microsoft and say, "hey, test our code out for us." "And give us a digital certificate."" "So they essentially stole them..." "Fromtwocompanies inTaiwan." "Andthesetwocompanieshave  nothingtodo witheachother exceptfor theircloseproximity intheexactsame businesspark." "Digitalcertificates areguardedvery,veryclosely behindmultipledoors andtheyrequiremultiple peopletounlock." "Security: ..." "To the camera." "Chien:" "And they need to provide bothbiometrics" "and,as well,passphrases." "Itwasn'tlike thosecertificateswere justsittingon somemachine connectedtotheInternet." "Somehumanassets hadtobe involved,spies." "O'murchu:" "Like a cleaner who comesinat night andhasstolen thesecertificates fromthesecompanies." "It did feel like walking onto the set of this James Bond movie and you..." "You've been embroiled in this thing that, you know, you..." "You never expected." "Wecontinuedto search, andwecontinued tosearchin code, andeventuallywe foundsome otherbreadcrumbsleft wewereabletofollow." "Itwasdoingsomething withSiemens," "Siemenssoftware, possiblySiemenshardware." "We'd never ever seen that in any malware before, something targeting Siemens." "We didn't even know why they would be doing that." "Butaftergoogling, veryquicklywe understood itwastargeting Siemenspics." "Stuxnet was targeting a very specific hardware device, something called a plc or a programmable logic controller." "Langner:" "The plc is kind of averysmallcomputer attached to physical equipment, like pumps, like valves, like motors." "Sothislittlebox is runninga digitalprogram andtheactions ofthisprogram turnsthatmotoron, off , orsetsaspecificspeed." "Chien:" "Those program modulecontrollers controlthingslike powerplants,powergrids." "O'murchu:" "Thisisusedinfactories, it'susedin  criticalinfrastructure." "Critical infrastructure, it's everywhere around us, transportation, telecommunications, financialservices, healthcare." "Sothepayloadofstuxnet wasdesigned to attack some very important part of our world." "The payload is gonna be important." "What happens there could be very dangerous." "Langner:" "The next verybigsurprisecame whenitinfected ourlabsystem." "Wefiguredoutthat themalwarewasprobing forcontrollers." "Itwasquitepicky onitstargets." "It didn't try to manipulate any givencontrollerin anetwork thatitwouldsee ." "It went through several checks, andwhenthosechecksfailed, itwouldnotimplement theattack." "Itwasobviouslyprobing fora specifictarget." "You've got to put this in context that, at the time, we already knew, well, this is the most sophisticated piece of malware that we have ever seen." "So it's kind of strange." "Somebody takes that huge effort to hit one specific target?" "Well, that must be quite a significant target." "Chien:" "So at symantec we have probesonnetworks allovertheworld watchingfor maliciousactivity." "O'murchu:" "We'd actually seen infectionsofstuxnet allovertheworld, intheU.S.,Australia, intheu.K.,inFrance, Germany,alloverEurope." "Chien:" "It spread to any windows machineintheentireworld." "You know, we had these organizations inside the United States who were in charge of industrialcontrol facilitiessaying," ""we'reinfected." "What'sgonnahappen?"" "O'murchu:" "We didn't know if therewasadeadlinecomingup wherethisthreat wouldtrigger andsuddenlywould, like,turnoffall ,you know, electricity plants around the world or it would start shutting things down" "or launching some attack." "We knew that stuxnet could have verydireconsequences, andwewere veryworriedabout whatthepayload contained andtherewas animperativespeed thatwehadtorace  andtryand,you know, beatthistickingbomb." "Eventually,wewereableto refinethestatisticsalittle andwesawthat Iranwasthenumberone infectedcountryin theworld." "Chien:" "That immediately raised oureyebrows." "We had never seen a threat before where it was predominantly in Iran." "Andsowe begantofollow whatwasgoingon inthegeopoliticalworld, whatwashappening inthegeneralnews." "Andatthattime,therewere actuallymultipleexplosions ofgaspipelines goinginandout ofIran ." "Unexplainedexplosions." "O'murchu:" "And of course, wedidnoticethatatthetime therehadbeenassassinations ofnuclearscientists." "Sothatwasworrying." "Weknewtherewas  somethingbadhappening." "Gibney:" "Did you get concerned for yourself?" "I mean, did you begin to start looking over your shoulder from time to time?" "Yeah, definitely looking over my shoulder and... and being careful about what I spoke about on the phone." "I was... pretty confident my conversations on my..." "On the phone were being listened to." "We were only half joking when we would look at each other and tell each other things like," ""look, I'm not suicidal." "If I show up dead on Monday, you know, it wasn't me."" "We'dbeenpublishing informationaboutstuxnet allthroughthatsummer." "Andthenin November, theindustrialcontrolsystem sortofexpert inHollandcontactedus..." "Andhesaidall ofthese devices that would be inside of anindustrialcontrolsystem hold a unique identifier number that identified the make and model of that device." "Andweactuallyhad acouple ofthesenumbersinthecode thatwedidn'tknow whattheywere." "And so we realized maybe what he was referring to was the magic numbers we had." "And then when we searched for those magic numbers in that context, wesawthatwhat hadtobe connected tothisindustrialcontrol systemthatwasbeingtargeted weresomethingcalled frequencyconverters fromtwo specificmanufacturers, oneofwhichwas inIran ." "And so at this time, we absolutely knew that the facility that was being targeted had to be in Iran and had equipment made from iranian manufacturers." "When we looked up those frequency converters, weimmediatelyfoundout  thattheywereactually exportcontrolledby the nuclearregulatorycommission." "Andthatimmediately leadusthen to some nuclear facility." "Gibney:" "This was more than acomputerstory, soI lefttheworld oftheantivirusdetectives andsoughtoutjournalist, Davidsanger, whospecializedin  thestrangeintersection ofcyber,nuclearweapons, andespionage." "Sanger:" "Theemergenceof thecode iswhatputmeonalert  thatanattackwas underway." "Andbecauseof the covert nature of the operation, notonlywereofficial governmentspokesmen unabletotalkaboutit, they didn't even know about it." "Eventually, themoreIdug intoit, the more I began to find individuals who had been involved in some piece of it or who had witnessed some piece of it." "And that meant talking to Americans, talking to Israelis, talking to Europeans, because this was obviously the first, biggest, and most sophisticated example of a state or two states using a cyber weapon for offensive purposes." "Icameto thiswith afairbitofhistory, understandingtheiranian nuclearprogram." "How did Iran get its first nuclearreactor?" "We gave it to them..." "Under the shah, because the shah was considered anAmericanally." "Thankyouagainfor your warmwelcome,Mr.president." "Gary samore:" "During theNixonadministration, theU.S.wasveryenthusiastic aboutsupporting theshah's nuclearpowerprogram." "And at one point, the Nixon administration was pushing the idea that Pakistan and Iran should build a joint plant together in Iran." "There'satleast someevidencethat theshahwasthinkingabout acquisition of nuclear weapons, becausehesaw,and wewere  encouraginghimto seeIran astheso-calledpolicemen ofthepersianGulf." "Andtheiranianshavealways viewedthemselves as naturally the dominant power inthemiddleeast." "Samore:" "But the revolution, whichoverthrew theshahin '79, reallycurtailedtheprogram beforeitevergot any  headofsteamgoing." "Part of our policy against Iran aftertherevolution was to deny them nuclear technology." "So most of the period when I was involved in the '80s and the '90s was the U.S. running around the world and persuading potential nuclear suppliers not to provide even peaceful nuclear technology to Iran." "And what we missed was the clandestine transfer in the mid-1980s from Pakistan to Iran." "Rolf mowatt-larssen:" "AbdulqadeerKhan iswhatwe wouldcall thefatherof  thePakistannuclearprogram." "Hehadthefullauthority andconfidence ofthePakistangovernment fromitsinception totheproduction ofnuclearweapons." "I was a CIA officer for..." "For..." "For over two decades, operations officer, worked overseas most of my career." "The a.Q. Khan network is so notable because aside from building the Pakistani program for decades..." "It also was the means by which other countries wereableto develop nuclearweapons, includingIran." "Samore:" "A.Q.Khanactingonbehalf ofthePakistanigovernment negotiated with officials in Iran and then there was a transfer which took place through Dubai ofblueprintsfor nuclearweaponsdesign aswellas somehardware." "Throughoutthemid-1980s, theiranianprogram wasnotverywell-resourced." "Itwasmoreof anr d  program." "Itwasn'treally untilthemid-'90s thatitstartedtotake off whentheymadethe decision tobuildthenuclearweapons program." "Youknow, wecanspeculatewhat, in their mind, motivated them." "I think it was the U.S. invasion of Iraq after Kuwait." "Youknow,therewas an eight-yearwar betweenIraqandIran, wehadwipedout Saddam's forcesinamatterofweeks ." "AndI thinkthatwas enough toconvincetherulers inTehran thattheyneededtopursue nuclear weapons more seriously." "George Bush:" "States like these and their terrorist allies constitute an axis of evil, arming to threaten the peace of the world." "Samore:" "From 2003 to 2005 whentheyfearedthat theU.S.wouldinvadethem , theyacceptedlimits ontheirnuclearprogram." "Butby2006,the iranians hadcometo theconclusion thattheU.S.was boggeddown  inAfghanistanandIraq andnolongerhad the capacity tothreatenthem, and so they felt it was safe to resume their enrichment program" "theystartedproducing lowenricheduranium, producingmorecentrifuges, installingthem atthelarge-scaleunderground enrichmentfacilityat natanz." "Journalist:" "Ahmadinejad:" "Gibney:" "How many times have you been to natanz?" "Not that many, because I left few years ago, the dia, but I was there quite..." "Quite a few times." "Natanzisjustinthemiddle ofthedesert." "Whentheywerebuildingit insecret, theywerecallingit desertirrigationfacility." "For the local people, you want to sell why you are building a big complex." "Thereisalot ofartillery andairforce." "It'sbetterprotected againstattackfromair  thananyothernuclear installationI haveseen." "Sothisis  deeplyunderground." "But then inside, natanz is like any other centrifuge facility." "I have been all over the world, from Brazil to Russia, Japan, so they are all alike with their own features, their own centrifuges, their own culture, but basically, the process is the same." "Andsoarethe monitoring activitiesoftheiaea." "Therearebasicprinciples." "Youwantto seewhatgoes in, whatgoesout, andthenon topofthat  youmakesurethat itproduces lowenricheduranium insteadofanythingtodowith thehigherenrichments andnuclearweapon gradeuranium." "Emad kiyaei:" "Iran'snuclearfacilities areunder24-hourwatch." "Oftheunitednations nuclearwatchdog, theiaea,theinternational atomicenergyagency." "Every single gram of iranian fissile material..." "Is accounted for." "Theyhave,like,basically sealstheyput onfissilematerials." "Thereareiaeaseals." "You can't break it without getting noticed." "Heinonen:" "When you look attheuranium whichwasthereinnatanz, itwasaveryspecialuranium." "This is called isotope 236, and that was a puzzle to us, because you only see this sort of uranium in states which have had nuclear weapons." "Werealizedthat theyhadcheatedus." "Thissortof equipment hasbeenbought from what they call a black market." "They never pointed out it to a.Q. Khan at that point of time." "WhatI wassurprised wasthesophistication andthequalitycontrol andthewaytheyhave  themanufacturing wasreallyprofessional." "It was not something, you know, you just create in a few months' time." "This was a result of a long process." "Acentrifuge, youfeeduraniumgas  inandyouhaveacascade, thousandsofcentrifuges, andfromtheotherend yougetenricheduraniumout." "Itseparatesuraniumbasedon spinningtherotors." "Itspinsso fast, 300meterspersecond, thesameas  thevelocityof sound." "Thesearetremendousforces andasaresult, therotor,it twists, lookslikeabanana atonepointoftime ." "So it has to be balanced because any small vibration it will blow up." "And here comes another trouble." "Youhaveto raise thetemperature butthisverythin rotorwas..." "Theyaremadefrom carbonfiber, andtheotherpieces, theyaremadefrommetal." "When you heat carbon fiber, it shrinks." "When you heat metal, it expands." "So you need to balance not only that they spin, they twist, but this temperature behavior insuchaway that itdoesn'tbreak." "Sothishastobe veryprecise." "Thisiswhatmakesthem  verydifficultto manufacture." "You can model it, you can calculate it, but at the very end, it's actually based on practice and experience." "So it's a..." "It's a piece of art, so to say." "Man:" "Heinonen:" "Iranians are very proudoftheircentrifuges." "Theyhavealot of publicrelationsvideos givenupalwaysinApril whentheyhavewhatthey call  anationalnuclearday ." "Man:" "Kiyaei:" "Ahmadinejad came into hispresidencysaying if the international community wants to derail us we will stand up to it." "If they want us to sign more inspections and more additional protocols and other measures, no, we will not." "We will fight for our rights." "Iranisasignaturetonuclear non-proliferationtreaty, and under that treaty, Iran has arightto anuclearprogram." "Wecanhaveenrichment." "Who are you, world powers, tocomeandtellusthatwe cannothaveenrichment?" "This was his mantra, and it galvanized the public." "Sanger:" "By 2007, 2008, theU.S.government wasinaverybadplace with theiranianprogram." "Presidentbushrecognized thathecouldnot even comeoutin public anddeclarethatthe iranians were building a nuclear weapon, becausebythistime, hehadgonethrough theentirewmdfiascoinIraq." "He could not really take military action." "Condoleezzaricesaidtohim atonepoint," ""youknow,Mr.president, Ithinkyou'veinvaded yourlastMuslimcountry, evenforthebestofreasons."" "Hedidn'twanttolet theIsraelis conducta militaryoperation." "It's 1938, and Iran is Germany and it's racing..." "To arm itself with atomic bombs." "Iran's nuclear ambitions must be stopped." "They have to be stopped." "We all have to stop it, now." "That's the one message i have for you today." " Thank you." "Israel was saying they were gonna bomb Iran." "And the government here in Washington did all sorts of scenarios about what would happen if that Israeli attack occurred." "They were all very ugly scenarios." "Our belief was that if they went on their own knowing the limitations..." "No, they're a very good air force, all right?" "But it's small and the distances are great and the target's disbursed and hardened, all right?" "If they would have attempted a raid on a military plane, we would have been assuming that they were assuming we would finish that which they started." "In other words, there would be many of us in government thinking that the purpose of the raid wasn't to destroy the iranian nuclear system, but the purpose of the raid was to put us at war with Iran." "Israel is very much concerned about" "Iran's nuclear program, more than the United States." "It's only natural because of the size of the country, because we live in this neighborhood," "America lives thousands and thousands miles away from Iran." "The two countries agreed on the goal." "There is no page between us that Iran should not have a nuclear military capability." "There are some differences on how to..." "How to achieve it and when action is needed." "Yadlin:" "We are taking veryseriously leaders of countries who call to the destruction and annihilation of our people." "If Iran will get nuclear weapons, now or in the future..." "It means that for the first time in human history islamic zealots, religious zealots, will get their hand on the most dangerous, devastating weapons, and the world should prevent this." "Samore:" "The Israelis believe thattheiranianleadership hasalreadymadethe decision tobuildnuclearweapons whentheythink theycangetawaywith it." "Theviewin theU.S. isthattheiranians haven'tmadethat finaldecisionyet." "To me, that doesn't make any difference." "I mean, it really doesn't make any difference, and it's probably unknowable, unless you can put, you know, supreme leader khamenei on the couch and interview him." "Ithink,youknow, fromourstandpoint, stoppingIranfromgetting thethresholdcapacity is,youknow, theprimarypolicyobjective." "Oncetheyhave thefissilematerial, oncetheyhavethe capacityto producenuclearweapons, thenthegameislost ." "Hayden:" "President bush once said tome,he said," ""Mike,I don'twantany  presidenteverto be faced with only two options, bombing or the bomb."" "Right?" "He... he wanted options that..." "That made it..." "Made it far less likely he or his successor or successors would ever get to that point where that's..." "That's all you've got." "We wanted to be energetic enough in pursuing this problem that... that the Israelis would certainly believe," ""yeah, we get it."" "The intelligence cooperation between Israel and the United States is very, very good." "Andtherefore,theIsraelis wenttotheAmericans andsaid,"okay,guys, you don't want us to bomb Iran." "Okay, let's do it differently."" "AndthentheAmerican intelligencecommunitystarted rollinginjointforces withtheIsraeli intelligencecommunity." "One day a group of intelligence and military officials showed up in president bush's office and said, "sir, we have an idea." "It's a big risk." "It might not work, but here it is."" "Langner:" "Moving forward in myanalysisof thecodes," "Itookacloserlook  atthephotographs thathadbeenpublished by the iranians themselves in a press tour from 2008 ofahmadinejad andtheshinycentrifuges." "Sanger:" "Well, photographs ofahmadinejad goingthrough thecentrifugesat natanz hadprovidedsome veryimportantclues." "There was a huge amount to be learned." "Firstofall, thosephotographsshowed manyoftheindividuals whowereguidingahmadinejad throughtheprogram." "Andthere'soneveryfamous photographthatshows ahmadinejadbeingshown something." "You see his face, you can't see what'sonthecomputer." "Andoneof thescientists whowasbehindhim  wasassassinated afewmonthslater." "Langner:" "In one of thosephotographs, you could see parts of a computer screen." "We... we refer to that as a scada screen." "Thescadasystemisbasically apieceof software runningonacomputer." "Itenablestheoperators tomonitortheprocesses." "What you could see when you look close enough wasa moredetailedview oftheconfiguration therewerethesesix groups ofcentrifuges andeachgroup had164entries." "And guess what?" "That was a perfect match to what we saw in the attack code." "Itwasabsolutelyclear thatthispieceofcode  wasattackingan array ofsixdifferentgroups of,let'sjustsay , thingies,physicalobjects, andinthosesix groups, therewere164elements." "Gibney:" "Were you able to do any actual physical tests?" "Or it was all just code analysis?" "Yeah, so, you know, we obviously couldn't set up our own sort of nuclear enrichment facility." "So... but what we did was we did obtain some pics, the exact models." "Wethenorderedanairpump,  andthat'swhatweused  sortofas oursortof proofofconcept." "O'murchu:" "We needed avisualdemonstration toshowpeople whatwediscovered." "So we thought of different things that we could do, and we... we settled on blowing up a balloon." "We were able to write a program thatwouldinflateaballoon, anditwasset tostop  afterfiveseconds." "So it would inflate the balloon toa certainsize butitwouldn't bursttheballoon anditwasall safe." "And we showed everybody, this is the code that's on the plc." "Andthetimersays, "stopafterfiveseconds."" "Weknowthat's what'sgoingto happen." "And then we would infect the computer with stuxnet, andwewould runthetestagain." "Here is a piece of software that should only exist in a cyber realm and it is able to affect physical equipment in a plant or factory and cause physical damage." "Real-world physical destruction." "Atthattime,thingsbecame veryscaryto us ." "Hereyouhadmalware potentiallykillingpeople and that was something that was always Hollywood-esque to us that we'd always laugh at when people made that kind of assertion." "Gibney:" "At this point, you had tohavestarteddeveloping theoriesasto  whohadbuiltstuxnet." "It wasn't lost on us that there were probably only a few countries in the world that would want and have the motivation to sabotage" "Iran's nuclear enrichment facility." "The U.S. government would be up there." "Israeli government certainly would be... would be up there." "You know, maybe u.K., France, Germany, those sorts of countries, but we never found any information that would tie it back 100 percent to... to those countries." "There are no telltale signs." "You know, the attackers don't leave a message inside saying, you know, "it was me."" "And even if they did, all of that stuff can be faked." "So it's very, very difficult to do attribution when looking at computer code." "Gibney:" "Subsequent work that's been done leads us to believe that this was the work of a collaboration between Israel and the United States." "Yeah, yeah." "Gibney:" "Did you have any evidence in terms of your analysis that would lead you to believe that that's correct also?" "Nothing that I could talk about on camera." "Gibney:" "Well, can I ask why?" "No." "Well, you can, but I won't answer." "Gibney:" "But even in the case of nation-states," "I mean, one of the concerns is..." "Gibney:" "This was beginning toreallypissmeoff." "Even civilians with an interest intellingthestuxnetstory wererefusingto address theroleof TelAviv andWashington." "Butluckilyforme,  whileD.C. isa cityof secrets, itisalsoacity ofleaks ." "They'reasregularas aheartbeat andjustas hardtostop ." "That'swhatIwas countingon." "Finally,afterspeakingtoa  number of people on background," "I did find a way of confirming, ontherecord, theAmericanroleinstuxnet." "Inexchangefordetails oftheoperation," "Ihadto agreetofind away  todisguisethesource oftheinformation." " Gibney:" "We're good?" " Man:" "We're on." "Gibney:" "So the first question Ihaveto askyou  isaboutsecrecy." "Imean,at thispoint, everyoneknowsaboutstuxnet." "Whycan'twe talkaboutit?" "It'sa covertoperation." "Gibney:" "Not anymore." "Imean,we knowwhathappened, weknowwhodid it." "Well,maybeyoudon 'tknow asmuchas youthinkyouknow." "Gibney:" "Well, I'm talking to you becauseI wantto  getthestoryright." "Well,that'sthesamereason I'mtalkingto you." "Gibney:" "Even though it's acovertoperation?" "Look,thisis not asnowdenkindofthing,okay?" "Ithinkwhathedid waswrong." "Hewenttoofar ." "Hegaveawaytoo much." "Unlikesnowden, whowasacontractor," "Iwasin NSA." "Ibelievein theagency, so what I'm willing to give you willbelimited, butwe'retalking becauseeveryone'sgetting thestorywrong andwehavetogetitright." "Wehaveto understand thesenewweapons." "Thestakesaretoo high." "Gibney:" "What do you mean?" "Wedidstuxnet." "It'sa fact." "Youknow,we came sofuckingclosetodisaster, andwe'restillontheedge." "Itwasahugemultinational, interagencyoperation." "IntheU.S.itwasCIA," "NSA,andthemilitary cybercommand." "Frombritain,we used Iraninteloutofgchq , butthemainpartner wasIsrael." "Overthere, Mossadrantheshow, andthetechnicalwork wasdoneby unit8200." "Israelisreallythe key  tothestory." "Melman:" "Oh, traffic in Israel is so unpredictable." "Gibney:" "Yossi, how did you get into this whole stuxnet story?" "I have been covering the Israeli intelligence in general, in the Mossad in particular fornearly30 years." "In' 82,I wasaLondon-based correspondent andI coveredatrial ofterrorists, andI becamemorefamiliar withthistopicofterrorism, andslowlybutsurely,I startedcoveringit as abeat." "Israel, we live in a very rough neighborhood where the..." "The Democratic values, western values, are very rare." "But Israel pretends to be a free, Democratic, westernized society, poshneighborhoods, richpeople, youngsterswhoarehaving almostsimilarmind-set totheirAmerican orwesternEuropean counterparts." "Ontheotherhand, youseealot ofscenes andeventswhichresemble therealmiddleeast, terrorattacks,radicals, fanatics,religiouszealots." "I knew that Israel is trying to slow down" "Iran's nuclear program, and therefore, i came to the conclusion that if there was a virus infecting Iran's computers, it's... it's one more element in... in this larger picture basedonpastprecedents." "Yadlin:" "1981I wasan f-16pilot, andweweretoldthat , unlikeourdream tododogfights andtokillmigs, wehaveto be prepared fora long-rangemission to destroy a valuable target." "Nobodytoldus whatis thisveryvaluable strategictarget." "Itwas600milesfrom Israel." "So we train our self to do the job, which was very difficult." "No air refueling at that time." "No satellites for reconnaissance." "Fuel was on the limit." "Pilot:" "What?" "Whoa!" "Whoa!" "Yadlin:" "At the end of the day, weaccomplished themission." "Gibney:" "Which was?" "Yadlin:" "To destroy theIraqinuclearreactor nearBaghdad, whichwascalledosirak." "And Iraq never was able to accomplish its ambition to have a nuclear bomb." "Melman:" "Amos yadlin, generalyadlin, hewasthehead ofthemilitaryintelligence." "Thebiggestunit withinthatorganization wasunit8200." "They'dblocktelephones, they'dblockfaxes, they'rebreaking intocomputers." "Adecadeago, whenyadlinbecame thechiefof  militaryintelligence, therewasno  cyberwarfareunitin8200 ." "Sotheystartedrecruiting verytalentedpeople, hackerseither fromthemilitary or outside the military that can contribute to the project of building a cyber warfare unit." "Yadlin:" "In the 19th century, therewereonlyarmyandNavy." "Inthe20thcentury, wegotairpower asa thirddimensionofwar." "Inthe21stcentury, cyberwillbe  thefourthdimensionofwar." "It'sanotherkindofweapon and it is for unlimited range in a very high speed and in a very low signature." "So this give you a huge opportunity..." "Andthesuperpowers havetochange thewaywe think aboutwarfare." "Finally we are transforming our military for a new kind of war that we're fighting now..." "And for wars of tomorrow." "Wehavemadeour military bettertrained, betterequipped, andbetterprepared tomeetthethreats facingAmericatoday andtomorrow andlongin thefuture." "Sanger:" "Back in the end ofthebushadministration, peoplewithin theU.S.government werejustbeginning toconvincepresidentbush to pour money into offensive cyber weapons." "Stuxnetstartedoff inthedefensedepartment." "ThenRobertgates, secretaryofdefense, reviewedthisprogram andhesaid," ""thisprogramshouldn'tbe inthedefensedepartment." "Thisshouldreallybeunder thecovertauthorities overin theintelligenceworld."" "SotheCIAwas  verydeeplyinvolved inthisoperation, whilemuchof  thecodingworkwas done bythe nationalsecurityagency andunit8200, itsIsraeliequivalent, workingtogetherwithanewly createdmilitaryposition calledU.S.cybercommand." "And interestingly, the director of the national security agency would also have a second role as the commander of U.S. cyber command." "AndU.S.cybercommand islocated atfortMeadeinthe samebuildingas theNSA ." "Col. Gary d." "Brown:" "Iwasdeployedfor ayear  giving advice on air operations inIraqandAfghanistan, andwhenIwas returninghome  afterthat, theassignmentIwas given wastogo  toU.S.cybercommand." "Cyber command is a..." "Is the military command that's responsible for essentially the conducting of the nation's military affairs in cyberspace." "Thestatedreason theUnitedStates decideditneeded acybercommand wasbecauseof an eventcalled operationbuckshotyankee." "Chris inglis:" "Inthefallof2008 , wefoundsome adversariesinside ofourclassifiednetworks." "While it wasn't completely true that we always assumed that we were successful at defending things at the barrier, at the... at the kind of perimeter that we might have between our networks and the outside world," "there was a large confidence that we'd been mostly successful." "But that was a moment in time when we came to the quick conclusion that it..." "It's not really ever secure." "Thatthenaccelerated thedepartmentof defense's progresstowards whatultimately becamecybercommand." "Good morning." "Good morning." "Good morning, sir." "Cyber has one item for you today." "Earlier this week, antok analysts detected a foreign adversary using known methods to access the U.S. military network." "We identified the malicious activity via data collected through our information assurance and signals from intelligence authorities and confirmed it was a cyber adversary." "We provided data to our cyber partners within the dod..." "You think of NSA as an institution that essentially uses its abilities in cyberspace to help defend communications in that space." "Cybercommandextends thatcapability bysayingthattheywill then  takeresponsibilityto attack." "Hayden:" "NSA has no legalauthorityto attack." "It'sneverhadit,  Idoubtthatitever will ." "It might explain why U.S. cyber command is sitting out at fort Meade on top of the national security agency, because NSA has the abilities to do these things." "Cyber command has the authority to do these things." "And "these things" here refer to the cyber-attack." "This is a huge change for the nature of the intelligence agencies." "TheNSAwassupposed tobeacode-making andcode-breakingoperation tomonitorthecommunications offoreignpowers andAmericanadversaries inthedefense oftheUnitedStates." "Butcreatingacybercommand meantusing thesametechnology todooffense." "Onceyougetinsidean adversary'scomputernetworks, youputan implant inthatnetwork." "Andwehavetensofthousands offoreigncomputers andnetworksthatthe  UnitedStatesputimplantsin." "Youcanuseittomonitor what'sgoingacross that network and you can use it toinsertcyberweapons, malware." "If you can spy on a network, you can manipulate it." "It's already included." "The only thing you need is an act of will." "NSA source:" "IplayedaroleinIraq." "Ican'ttellyou  whether it was military or not, butI cantellyou" "NSAhadcombatsupportteams incountry." "Andforthefirsttime , unitsinthefield had direct access to NSA intel." "Overtime,we thought moreaboutoffense thandefense,youknow, moreaboutattacking thanintelligence." "Intheolddays,sigintunits  wouldtryto trackradios, butthroughNSAinIraq , wehadaccess toallthenetworks goinginandout  ofthecountry." "Andwehooveredup everytextmessage, email,andphonecall." "Acompletesurveillancestate." "Wecouldfindthe bad guys, say,a gangmakingleds, maptheirnetworks, andfollowtheminreal time ." "Soldier:" "Roger." "NSA source:" "And we could lockintocellphones evenwhentheywereoff andsendafaketext  froma friend, suggesta meetingplace, andthencapture..." "Soldier:" "1A, clear to fire." "...orkill." "Soldier:" "Good shot." "Brown:" "A lot of the people thatcameto cybercommand, themilitaryguys, camedirectlyfrom anassignment inAfghanistanor Iraq, 'causethosearethe people withexperience andexpertisein operations, and those are the ones you want looking at this" "to see how cyber could facilitate traditional military operations." "NSA source:" "Freshfromthesurge," "Iwentto workatNSAin'07  ina supervisorycapacity." "Gibney:" "Exactly where didyouwork?" "NSA source:" "Fort Meade." "Youknow,Icommuted tothatmassivecomplex everysingleday." "Iwasin tao-s321, "theroc."" "Gibney:" "Okay, the tao, theroc?" "Right,sorry." "Taois tailoredaccessoperations." "It'swhere NSA'shackerswork." "Ofcourse, wedidn'tcallthemthat ." "Gibney:" "What did you call them?" "NSA source:" "On net operators." "They'retheonlypeopleatNSA allowedtobreakin orattackon theInternet." "Insidetaoheadquarters istheroc, remoteoperationscenter." "IftheU.S.government wantstogetinsomewhere, itgoesto theroc ." "Imean,we wereflooded withrequests." "Somanythatwecould onlydoabout,mm,  30%ofthemissionsthat were  requestedofus at onetime, throughtheweb butalsoby hijacking shipmentsofparts." "Youknow,sometimesthe CIA  wouldassist inputtingimplants inmachines," "soonceinside atargetnetwork, wecouldjust..." "Watch..." "Orwecouldattack." "InsideNSAwasastrange kindofculture, like, twopartsmachomilitary andtwopartscybergeek ." "Imean,Icamefrom Iraq , soI wasusedto,  "yes,sir." "No ,sir."" "Butfortheweapons programmers weneededmore "thinkoutsidethebox "types." "Fromcubicleto cubicle, you'dseelightsabers, tribbles, thosenarutoactionfigures, lotsof aqua teen hunger force." "Thisoneguy, theyweremostlyguys, wholikedto wear ayellowhoodedcape, heusedaton ofgray legos tobuildamassivedeathstar." "Gibney:" "Were they all working onstuxnet?" "NSA source:" "Wenevercalleditstuxnet." "Thatwasthenameinvented bytheantivirusguys." "Whenithitthe papers, we're not allowed to read about classifiedoperations, evenifit 'sin  the New York times." "Wewentoutofourway toavoidtheterm." "Imean, saying" stuxnet"outloud waslikesaying"Voldemort" inHarryPotter." "Thenamethat shallnotbe spoken." "Gibney:" "What did youcallit then?" "Thenatanzattack, andthisis outtherealready, wascalled olympicgamesor og ." "Therewasahugeoperation totestthecode onpics herearefortMeade and in sandia, new Mexico." "Rememberduringthebushera whenLibyaturnedover allthecentrifuges?" "Thosewerethesamemodels theiraniansgot froma.Q.Khan." "P1's." "WetookthemtooakRidge  andusedthem totestthecode whichdemolishedtheinsides." "Atdimona,theIsraelisalso  testedonthep1's." "Then,partlyby using ourintelon Iran, wegottheplansfor thenewermodels,the ir-2's." "Wetriedoutdifferent attackvectors." "We ended up focusing on ways to destroytherotortubes." "Inthetestsweran,  weblewthemapart." "They swept up the pieces, they put it on an airplane, they flew it to Washington, they stuck it in the truck, they drove it through the gates of the white house, and dumped the shards out on the conference room table" "in the situation room." "And then they invited president bush to come down and take a look." "And when he could pick up the shard of a piece of centrifuge..." "He was convinced this might be worth it, and he said, "go ahead and try."" "Gibney:" "Was there legal concern inside the bush administration that this might be an act of undeclared war?" "If there were concerns, i haven't found them." "That doesn't mean that they didn't exist and that some lawyers somewhere weren't concerned about it, but this was an entirely new territory." "At the time, there were really very few people who had expertise specifically on the law of war and cyber." "And basically what we did was looking at, okay, here's our broad direction." "Now, let's look..." "Technically what can we do to facilitate this broad direction?" "After that, maybe the..." "I would come in or one of my lawyers would come in and say," ""okay, this is what we may do." Okay." "There are many things we can do, but we are not allowed to do them." "And then after that, there's still a final level that we look at and that's, what should we do?" "Because there are many things that would be technically possible and technically legal but a bad idea." "Fornatanz, itwasaCIA-ledoperation, sowehadtohave  agencysign-off." "Gibney:" "Really?" "Someonefromtheagency stoodbehindtheoperator andtheanalyst andgavetheordertolaunch everyattack." "Chien:" "Before they had evenstartedthisattack, theyputinsideofthecode thekilldate, adateat whichitwouldstop operating." "O'murchu:" "Cutoff dates, we don't normally see that inotherthreats, andyouhavetothink," ""well,whyis there acutoffdateinthere?"" "And when you realize that, well, stuxnet was probably written by government and that there are laws regarding how you can use this sort of software, that there may have been a legal team who said, "no, you..." "You need to have a cutoff date in there, and you can only do this and you can only go that far and we need to check if this is legal or not." "Thatdateis afew daysbefore Obama'sinauguration." "Sothetheorywas that thiswasan operation thatneededto be stopped ata certaintime becausetherewas gonnabeahandover andthatmoreapproval wasneeded." "Are you prepared to take the oath, senator?" "I am." "I, Barack Hussein Obama..." " I, Barack..." " Do solemnly swear..." "I, Barack Hussein Obama, do solemnly swear..." "Sanger:" "Olympic games was reauthorized by president Obama inhisfirstyearinoffice, 2009." "Itwasfascinatingbecauseit wasthefirstyearof theObamaadministrationand  theywouldtalktoyou endlesslyaboutcyberdefense." "Obama:" "We count on computernetworks todeliverouroil and gas , ourpower,andour water." "Werelyon themfor  publictransportation andairtrafficcontrol." "But just as we failed in the past to invest in our physical infrastructure, our roads, our Bridges, and rails, we failed to invest in the security of our digital infrastructure." "Sanger:" "He was running eastroomevents tryingtogetpeopletofocus  ontheneedto defendcybernetworks and defend American infrastructure." "But when you asked questions about the use of offensive cyber weapons, everything went dead." "No cooperation." "White house wouldn't help, Pentagon wouldn't help," "NSA wouldn't help." "Nobody would talk to you about it." "Butwhenyoudug into thebudget forcyberspendingduring theObamaadministration, whatyoudiscoveredwas  muchofit wasbeingspent onoffensivecyberweapons." "Youseephraseslike "title10cno."" "Title10meansoperations fortheU.S.military, andcnomeans computernetworkoperations." "Thisisconsiderableevidence that stuxnet was just the opening wedge of what is a much broader U.S. government effort now to develop an entire new class of weapons." "Chien:" "Stuxnet wasn't just anevolution." "Itwasreallyarevolution inthethreatlandscape." "Inthepast,the vastmajority ofthreatsthatwesaw werealwayscontrolledby anoperatorsomewhere." "They would infect your machines, but they would have what's called a callback or a command-and-control channel." "The threats would actually contact the operator and say, what do you want me to do next?" "And the operator would send down commands andsay,maybe,searchthrough thisdirectory, findthesefolders, findthesefiles, uploadthesefilestome, spreadtothisothermachine, thingsofthatnature." "Butstuxnetcouldn'thave acommand-and-controlchannel because once it got inside in natanz it would not have been able to reach back out to the attackers." "The natanz network is completely air gapped from the rest of the Internet." "It's not connected to the Internet." "It's its own isolated network." "Generally, getting across an air gap is..." "Is one of the more difficult challenges that attackers will face just because of the fact that there... everything is in place to prevent that." "You know, everything, you know, the policies and procedures and the physical network that's in place is specifically designed to prevent you crossing the air gap." "But there's no truly air-gapped network in these real-world production environments." "People gotta get new code into natanz." "People have to get log files off of this network in natanz." "People have to upgrade equipment." "People have to upgrade computers." "This highlights one of the major security issues that we have in the field." "If you think, "well, nobody can attack this power plant or this chemical plant because it's not connected to the Internet,"" "that's a bizarre illusion." "NSA source:" "The first time we introduced the code into natanz weusedhumanassets, maybeCIA, morelikelyMossad, butourteamwas keptin the dark about the trade craft." "WeheardrumorsinMoscow, aniranianlaptopinfected bya phonySiemenstechnician witha flashdrive..." "AdoubleagentinIran  withaccessto natanz, butI don'treallyknow." "Whatwehadtofocuson wastowritethe code sothat,onceinside, thewormactedonitsown." "They built in all the code and all the logic into the threat to be able to operate all by itself." "Ithadtheability tospreadby itself." "Ithadtheabilitytofigure out,doIhavetheright pics?" "HaveI arrivedin natanz?" "AmI atthetarget?" "Langner:" "Andwhenit 'son target, itexecutesautonomously." "That also means you..." "You cannot call off the attack." "It was definitely the type of attack where someone had decided that this is what they wanted to do." "There was no turning back once stuxnet was released." "Whenitbegantoactually executeitspayload, youwouldhaveawholebunch  ofcentrifuges ina hugearrayofcascades sittinginabig hall." "Andthenjustoff thathall  youwouldhave anoperatorsroom, thecontrolpanelsin frontofthem,abigwindow wheretheycould seeintothehall." "Computersmonitor theactivities ofallthesecentrifuges." "So a centrifuge, it's driven by an electrical motor." "And the speed of this electrical motor is controlled by another plc, by another programmable logic controller." "Chien:" "Stuxnet would wait for13days beforedoinganything, because13daysis aboutthetimeittakes toactuallyfillanentire cascadeofcentrifuges withuranium." "They didn't want to attack when the centrifuges essentially were empty or at the beginning of the enrichment process." "Whatstuxnetdid was it actually would sit there duringthe13 days andbasicallyrecord allofthenormalactivities thatwerehappening andsaveit ." "Andoncetheysaw  themspinningfor13days , thentheattackoccurred." "Centrifugesspin atincrediblespeeds, about1,000hertz." "Langner:" "They have asafeoperatingspeed, 63,000revolutionsperminute." "Chien:" "Stuxnet caused the uraniumenrichmentcentrifuges tospinup to 1,400hertz." "Langner:" "Up to 80,000 revolutionsperminute." "What would happen was those centrifuges would go through what's called a resonance frequency." "It would go through a frequency atwhichthemetalwould basicallyvibrate uncontrollably andessentiallyshatter." "There'dbeuraniumgas  everywhere." "And then the second attack they attempted was they actually tried to lower it to two hertz." "They were slowed down to almost standstill." "Chien:" "And at two hertz, sort of anoppositeeffectoccurs." "Youcanimagineatoytop thatyouspin andasthetop beginsto slow down, it begins to wobble." "That'swhatwouldhappen tothesecentrifuges." "They'dbeginto wobble andessentiallyshatter andfallapart." "And instead of sending back to the computer what was really happening, it would send back that old data that it had recorded." "Sothecomputer'ssitting therethinking," ""yep,runningat 1,000hertz, everythingisfine." "Runningat1,000hertz, everythingisfine."" "Butthosecentrifugesare  potentially spinning up wildly, ahugenoisewouldoccur." "It'dbelike,you know, ajetengine." "So the operators then would know, "whoa, something is going wrong here."" "They might look at their monitors and say, "hmm, it says it's 1,000 hertz," but they would hear that in the room something gravely bad was happening." "Not only are the operators fooled into thinking everything's normal, but also any kind of automated protective logic is fooled." "Chien:" "You can't just turn thesecentrifugesoff." "Theyhaveto be broughtdown ina verycontrolledmanner." "Andsotheywouldhit,  literally,thebigred button toinitiate agracefulshutdown, andstuxnetintercepts thatcode." "Soyouwouldhave theseoperators slammingonthatbutton overandoveragain andnothingwouldhappen." "Yadlin:" "If your cyber weapon isgoodenough, ifyourenemyisnot awareofit , it is an ideal weapon, because the enemy even don't understand what is happening to it." "Gibney:" "Maybe even better if the enemy begins to doubt" " their own capability." " Absolutely." "Certainly one must conclude that what happened at natanz must have driven the engineers crazy, becausetheworstthing thatcanhappen toa maintenanceengineer is not being able to figure out whatthecause ofspecifictroubleis." "Sotheymusthavebeen  analyzingthemselvesto death." "Heinonen:" "You know, you see centrifugesblowingup ." "Youlookthecomputerscreens, theygowiththe properspeed." "There's a proper gas pressure." "Everything looks beautiful." "Sanger:" "Through 2009 itwasgoingprettysmoothly." "Centrifugeswereblowingup." "The international atomic energy agencyinspectors wouldgoin to natanz andtheywouldsee that wholesectionsof the centrifugeshadbeenremoved." "The United States knew from its intelligence channels that some iranian scientists and engineers were being fired because the centrifuges were blowing up and the iranians had assumed that this was because they had been making errors or manufacturing mistakes." "Clearly this was somebody's fault." "So the program was doing exactly what it was supposed to be doing, which was it was blowing up centrifuges and it was leaving no trace and leaving the iranians to wonder what they got hit by." "This was the brilliance of olympic games." "You know, as a former director of a couple of big 3-letter agencies, slowing down 1,000 centrifuges in natanz..." "Abnormally good." "There was a need for... for..." "For buying time." "There was a need for slowing them down." "There was the need to try to push them to the negotiating table." "I mean, there are a lot of variables at play here." "Sanger:" "President Obama would go downintothesituationroom , andhewouldhavelaid out infrontof him whattheycalled thehorseblanket, whichwasagiantschematic ofthenatanz nuclearenrichmentplan." "Andthedesigners ofolympicgames woulddescribeto him what kind of progress they made andlookforhim  fortheauthorization tomoveon ahead tothenextattack." "Andatonepoint duringthosediscussions, hesaidto anumber ofhisaides," ""youknow, Ihavesomeconcerns becauseoncewordofthis  getsout,"" "andeventuallyhe knew itwouldgetout ," ""theChinesemayuse it asanexcuse fortheirattacksonus." "TheRussiansmightorothers."" "So he clearly had some misgivings, but they weren't big enough to stop him from going ahead with the program." "Andthenin 2010, adecisionwasmade tochangethecode." "Ourhumanassets weren'talwaysabletoget codeupdatesintonatanz andweweren'ttold exactlywhy, but we were told we had to have acybersolution fordeliveringthecode." "Butthedeliverysystems weretricky." "Iftheyweren'taggressive enough,theywouldn'tget in." "Iftheyweretoo aggressive, theycouldspread andbediscovered." "Chien:" "When we got thefirstsample, therewassomeconfiguration informationinsideof it ." "Andoneof thepiecesinthere  wasa versionnumber,1.1  and that made us realize, well, look, this likely isn't the only copy." "We went back through our databases looking for anything that looks similar to stuxnet." "Chien:" "As we began to collect moresamples, we found a few earlier versions ofstuxnet." "O'murchu:" "And when we analyzedthatcode, wesawthatversions previousto1.1 werea lotlessaggressive." "The earlier version of stuxnet, it basically required humans to do a little bit of double clicking in order for it to spread from one computer to another." "And, so, what we believe after looking at that code is two things, one, either they didn't get in to natanz with that earlier version, because it simply wasn't aggressive enough, wasn't able to jump over that air gap," "and/or two, that payload as well didn't work properly, didn't work to their satisfaction, maybe was not explosive enough." "Therewere slightlydifferentversions whichwereaimed atdifferentparts ofthecentrifugecascade." "Gibney:" "But the guys at symantec figuredyouchangedthe code becausethefirstvariations couldn'tgetin  anddidn'tworkright." "Wealwaysfoundaway togetacrossthe air gap ." "Attao,we laughed whenpeoplethoughttheywere  protectedbyan airgap ." "Andforog ,theearlyversions ofthepayloaddid work." "ButwhatNSAdid ..." "Wasalwayslow-key andsubtle." "Theproblemwasthat unit8200,theIsraelis, keptpushingus  tobemoreaggressive." "Chien:" "The later version ofstuxnet1.1, thatversionhadmultipleways  ofspreading." "Had the four zero days inside of it, for example, that allowed it to spread all by itself without you doing anything." "It could spread via network shares." "It could spread via USB keys." "It was able to spread via network exploits." "That's the sample that introduced us to stolen digital certificates." "That is the sample that, all of a sudden, became so noisy and caught the attention of the antivirus guys." "In the first sample we don't find that." "And this is very strange, because it tells us that in the process of this development the attackers were less concerned with operational security." "Chien:" "Stuxnet actually kept aloginsideofitself ofallthemachinesthat  itinfectedalongthe way  asitjumpedfromonemachine toanother toanotherto another." "Andwewereabletogatherup allthesamples thatwecouldacquire, tensofthousandsofsamples." "We extracted all of those logs." "O'murchu:" "We could see the exactpaththatstuxnettook ." "Chien:" "Eventually, we were able totraceback thisversionof stuxnet togroundzero, to the first five infections in the world." "Thefirstfiveinfections are all outside a natanz plant, allinsideof organizations insideofIran, allorganizations thatareinvolvedin industrialcontrolsystems andconstruction ofindustrialcontrol facilities, clearlycontractorswhowere working on the natanz facility." "Andtheattackersknewthat ." "They were electrical companies." "They were piping companies." "They were, you know, these sorts of companies." "And they knew..." "They knew the technicians from those companies would visit natanz." "So they would infect these companies and then technicians would take their computer or their laptop or their USB..." "That operator then goes down to natanz and he plugs in his USB key, which has some code thatheneedstoupdate intonatanz, intothenatanznetwork, andnowstuxnet isableto getinsidenatanz" "andconductitsattack." "These five companies were specifically targeted to spread stuxnet into natanz and that it wasn't that... that stuxnet escaped out of natanz and then spread all over the world and it was this big mistake and "oh, it wasn't meant" "to spread that far but it really did."" "No, that's not the way we see it." "The way we see it is that they wanted it to spread far so that they could get it into natanz." "Someone decided that we're gonna create something new, something evolved, that's gonna be far, far, far more aggressive." "And we're okay, frankly, with it spreading all over the world to innocent machines in order to go after our target." "The Mossad had the role, had the... the assignment to deliver the virus to make sure that stuxnet would be put in place in natanz toaffectthecentrifuges." "Meirdagan, theheadof Mossad, wasundergrowingpressure fromtheprimeminister," "Benjaminnetanyahu, toproduceresults." "Insidetheroc, wewerefurious." "TheIsraelistookour codefor thedeliverysystem andchangedit ." "Then,ontheirown , withoutouragreement, theyjustfuckinglaunchedit." "2010aroundthesametime  theystartedkilling iranianscientists..." "Andtheyfuckedup thecode!" "Insteadofhiding, thecodestartedshuttingdown  computers, sonaturally,peoplenoticed." "Becausetheywereina hurry, theyopenedpandora'sbox ." "Theyletit out anditspread allovertheworld." "Gibney:" "Thewormspreadquickly butsomehow itremainedunseen untilitwasidentified inBelarus." "Soonafter, Israeliintelligenceconfirmed thatithadmadeitswayinto thehands oftheRussian federalsecurityservice, asuccessorto thekgb ." "So it happened that the formula fora secretcyberweapon designedby theU.S.andIsrael fellintothehands ofRussia andtheverycountry itwasmeanttoattack." "Kiyaei:" "In international law, whensomecountry ora coalitionof countries targets a nuclear facility, it's a act of war." "Please, let's be frank here." "If it wasn't Iran, let's say a nuclear facility in United States..." "Was targeted in the same way..." "The American government would not sit by and let this go." "Gibney:" "Stuxnet is an attack in peacetime on critical infrastructures." "Yes, it is." "I'm..." "Look, when I read about it," "I read it, I go, "whoa, this is a big deal."" "Yeah." "Sanger:" "The people who were runningthisprogram, includingLeonpanetta, thedirectorof theCIA  atthetime, hadtogo down intothesituationroom andfacepresidentObama, vicepresidentbiden andexplainthatthisprogram" "wassuddenlyon theloose." "Vice president biden, at one point during this discussion, sort of exploded in biden-esque fashion andblamedtheIsraelis." "Hesaid,"itmusthave been  theIsraelis whomadeachange inthecode thatenabledit to getout ."" "Richard Clarke:" "President Obama saidtotheseniorleadership," ""youtoldme it wouldn't get out of the network." "It did." "You told me the iranians would never figure out it was the United States." "They did." "You told me it would have a huge affect on their nuclear program, and it didn't."" "Sanger:" "The natanz plant is inspected every couple of weeks bytheinternationalatomic energyagencyinspectors." "Andifyoulineupwhat youknowaboutthe attacks withtheinspectionreports, youcanseethe effects." "Heinonen:" "If you go to theiaeareports, theyreallyshowthatall ofthosecentrifuges wereswitchedoff andtheywereremoved." "Asmuchas almostcouple of thousand got compromised." "When you put this altogether," "I wouldn't be surprised if their program got delayed by the one year." "Butgothentoyear 2012-13 and looking how the centrifuges startedtocomeupagain." "Kiyaei:" "Iran'snumberof centrifuges wentupexponentially, to 20,000, with a stockpile of low enriched uranium." "This isn't..." "These are high numbers." "Iran'snuclearfacilities expanded withtheconstruction offordow andotherhighlyprotected facilities." "So ironically, cyber warfare..." "Assassination of its nuclear scientists, economic sanctions, political isolation..." "Iranhasgonethrough "a"to"x "" "ofeverychorusofpolicy thattheU.S.,Israel, andthosewhoallywith them  haveplacedon Iran, and they have actually made Iran's nuclear program more advanced today than it was ever before." "Mossad operative:" "Thisisavery verydangerous minefieldthatwe arewalking, and nations who decide to take these covert actions" "should be taking into consideration all the effects, including the moral effects." "I would say that this is the price that we have to pay in this..." "In this war, and our blade of righteousness shouldn't be so sharp." "Gibney:" "In Israel andintheUnitedStates, thebladeof righteousness cutbothways, woundingthetargets andtheattackers." "Whenstuxnetinfected Americancomputers, thedepartment ofhomelandsecurity, unawareofthecyberweapons launchbytheNSA , devotedenormousresources tryingtoprotectAmericans fromtheirowngovernment." "Wehadmetthe enemy anditwasus." "Seán Paul mcgurk:" "The purpose of thewatchstationsthat youseein frontofyou istoaggregatethe data" "  coming in from multiple feeds ofwhatthecyberthreats couldbe, so if we see threats we can provide real-time recommendations forbothprivatecompanies, aswellas federalagencies." "Male journalist:" "Yep, absolutely." "We'd be more than happy to discuss that." "Female journalist:" "Seán, is it..." "Mcgurk:" "Early July of 2010 wereceivedacall thatsaidthatthispiece ofmalwarewasdiscovered and could we take a look at it." "When we first started the analysis, there was that "oh, crap" moment, you know, where we sat there and said, this is something that's significant." "It's impacting industrial control." "It can disrupt it to the point where it could cause harm and not only damage to the equipment, but potentially harm or loss of life." "Wewereveryconcerned becausestuxnet wassomethingthat wehadnotseenbefore." "Sotherewasn'talotofsleep thatnight." "Basically, light up the phones, calleverybodywe know, informthesecretary, informthewhitehouse, informtheotherdepartments andagencies, wakeuptheworld, andfigureoutwhat'sgoingon withthisparticularmalware." "Good morning, chairman lieberman, ranking member Collins." "Something as simple and innocuous as this becomes a challenge for all of us to maintain accountability control of our critical infrastructure systems." "This actually contains the stuxnet virus." "I've been asked on a number of occasions," ""did you ever think this was us?"" "And at... at no point did that ever really cross our mind, because we were looking at it from the standpoint of, is this something that's coming after the homeland?" "You know, what... what's going to potentially impact, you know, our industrial control based here in the United States?" "You know, I liken it to, you know, field of battle." "You don't think the sniper that's behind you is gonna be shooting at you, 'cause you expect him to be on your side." "We really don't know who the attacker was in the stuxnet case." "So help us understand a little more what this thing is whose origin and destination we don't understand." "Gibney:" "Did anybody ever give you any indication that it was something that they already knew about?" "No, at no time did I get the impression from someone that that's okay, you know, get the little pat on the head, and... and scooted out the door." "I never received a stand-down order." "I never... no one ever asked, "stop looking at this."" "Do we think that this was a nation-state actor and that there are a limited number of nation-states that have such advanced capacity?" "Gibney:" "Seán mcgurk, the director of cyber for the department of homeland security, testified before the senate about how he thought stuxnet was a terrifying threat to the United States." "Is that not a problem?" "I don't... and... and how..." "How do you mean?" "That stuxnet was a bad idea?" "Gibney:" "No, no, no, just that before he knew what it was" " and what it attacks..." " Oh, I..." "I get it." " Gibney:" "Yeah..." " Yeah, he was responding to something that we... to critical infrastructure in the United States." "Yeah." "The worm is loose!" "Gibney:" "The worm is loose." "I understand." "But there's..." "There's a further theory having to do with whether or not, following upon David sanger..." "I got the subplot, and who did that?" "Was it the Israelis?" "And, yeah, I..." "I truly don't know, and even though I don't know," "I still can't talk about it, all right?" "Stuxnet was somebody's covert action, all right?" "And the definition of covert action is an activity in which you want to have the hand of the actor forever hidden." "So by definition, it's gonna end up in this" ""we don't talk about these things" box." "Sanger:" "To this day, theUnitedStatesgovernment hasneveracknowledged conductinganyoffensivecyber attackanywherein theworld." "Butthanksto Mr.snowden, weknowthatin2012  presidentObamaissued anexecutiveorder thatlaidout someoftheconditions underwhichcyberweapons canbeused." "Andinterestingly, everyuseof acyberweapon requirespresidential sign-off." "That is only true in the physical world for nuclear weapons." "Clarke:" "Nuclear war and nuclear weaponsarevastlydifferent fromcyberwar andcyberweapons." "Havingsaidthat, therearesomesimilarities." "Andintheearly1960s, theUnitedStatesgovernment suddenlyrealized ithadthousands ofnuclearweapons, bigonesandlittleones , weaponsonjeeps, weaponsonsubmarines, and it really didn't have a doctrine." "It really didn't have a strategy." "It really didn't have an understanding at the policy level about how he was going to use all of these things." "And so academics started publishing unclassified documents about nuclear war and nuclear weapons." "Sanger:" "And the result was morethan20 years, intheUnitedStates, of very vigorous national debates abouthowwe wanttogouse nuclearweapons." "And not only did that cause the congress and people in the executive branch in Washington to think about these things, it caused the Russians to think about these things." "Andoutof that grewnucleardoctrine, mutualassureddestruction, allofthatcomplicatedset ofnucleardynamics." "Today, on this vital issue at least, we have seen what can be accomplished when we pull together." "We can't have that discussion in a sensible way right now about cyber war and cyber weapons because everything is secret." "And when you get into a discussion with people in the government, people still in the government, people who have security clearances, you run into a brick wall." "Trying to stop Iran is really the... my number one job, and I think..." "Host:" "And let me ask you, in that context, about the stuxnet computer virus potentially..." "You can ask, but I won't comment." "Host:" "Can you tell us anything?" "No." "What do you think has had the most impact on their nuclear decision-making, the stuxnet virus?" "I can't talk about stuxnet." "I can't even talk about the operation of Iran centrifuges." "Was the U.S. involved in any way in the development of stuxnet?" "It's hard to get into any kind of comment on that till we've finished any..." "Our examination." "But, sir, I'm not asking you if you think another country was involved." "I'm asking you if the U.S. was involved." "And we're..." "This is not something that we're gonna be able to answer at this point." "Look, for the longest time, i was in fear that" "I couldn't actually say the phrase" ""computer network attack."" "This stuff is hideously overclassified, and it gets into the way of a..." "Of a mature public discussion as to what it is we as a democracy want our nation to be doing up here in the cyber domain." "Now, this is a former director of NSA and CIA saying this stuff is overclassified." "One of the reasons this is highly classified as it is this is a peculiar weapons system." "This is a weapons system that's come out of the espionage community, and... and so those people have a habit of secrecy." "Secrecy is still justifiable in certain cases to protect sources or to protect national security but when we deal with secrecy, don't hide behind it to use as an excuse to not disclose something properly that you know should be" "orthattheAmericanpeople needultimatelyto see." "Gibney:" "While most government officialsrefused toacknowledgetheoperation, atleastonekey insiderdid leakpartsof thestory tothepress." "In2012,Davidsangerwrote adetailedaccount ofolympicgamesthatunmasked theextensivejointoperation betweentheU.S.and Israel tolaunchcyberattacks onnatanz." "Sanger:" "Thepublicationof thisstory coming at a time that turned out that there were a number of other unrelated national security stories being published, lead to the announcement of investigations by the Attorney General." "Gibney:" "In... into the press and into the leaks?" "Into the press and into the leaks." "Gibney:" "Soonafterthearticle, theObamaadministration targeted generalJamesCartwright ina criminalinvestigation forallegedlyleaking classifieddetails aboutstuxnet." "Journalist:" "There are reports of cyber attacks on the iranian nuclear program that you ordered." "What's your reaction to this information getting out?" "Well, first of all, I'm not gonna comment on the..." "The details of... what are..." "Supposed to be classified items." "SinceI 'vebeenin office, myattitudehasbeen zerotolerancefor thesekindsof leaks." "We have mechanisms in place where, if we can root out folks who have leaked, they will suffer consequences." "It became a significant issue and a very wide-ranging investigation in which I think most of the people who were cleared for olympic games at some point had been, you know, interviewed and so forth." "Whenstuxnethitthe media, theypolygraphedeveryone inouroffice, includingpeople whodidn'tknowshit." "Youknow,theypolyed theinterns,forgod 'ssake." "These are criminal acts when they release information like this, and we will conduct thorough investigations as we have in the past." "Gibney:" "The administration neverfiledcharges, possiblyafraidthat aprosecution would reveal classified details aboutstuxnet." "To this day, no one in the U.S. orIsraeligovernments hasofficiallyacknowledged theexistence ofthejointoperation." "Iwouldnevercompromise ongoingoperations inthefield, butweshouldbeable totalk aboutcapability." "Wecantalkaboutour..." "Bunkerbusters, whynotourcyberweapons?" "Imean,thesecrecy oftheoperation hasbeenblown." "Ourfriendsin Israel tooka weapon thatwejointlydeveloped, inpartto keepIsrael fromdoingsomethingcrazy, andthenusedit ontheirownina way thatblewthecover oftheoperation andcouldhaveled towar." "Andwecan'ttalkaboutthat?" "Mowatt-larssen:" "There's a way totalkaboutstuxnet." "It happened." "That... to deny that it happened is... is foolish." "So the fact it happened is really what we're talking about here." "What does..." "What are the implications of the fact that we now are in a post-stuxnet world?" "What I said to David sanger was," ""i understand the difference in destruction is dramatic, but this has the whiff of August 1945."" "Somebody just used a new weapon, and this weapon will not be put back into the box." "I..." "I know no operational details and don't know what anyone did or didn't do before someone decided to use the weapon, all right." "I do know this." "If we go out and do something, most of the rest of the world now thinks" "and it's something that they now feel legitimated to do as well." "Buttherulesofengagement, internationalnorms, treatystandards, theydon'texistrightnow." "Brown:" "The law of war, because it began to develop so long ago is really dependent on thinking ofthingskinetically andthephysicalrealm." "Soforexample, wethinkin termsofattacks." "You know an attack when it happens in the kinetic world." "It'snotreally muchofamystery." "But in cyberspace it is sort of confusing to think, how far do we have to go before something is considered an attack?" "So we have to take all the vocabulary and the terms that we use in strategy and military operations and adapt them into the cyber realm." "Sanger:" "Fornuclearwe havethese extensiveinspectionregimes." "TheRussianscome andlookat oursilos." "Wegoandlookattheir silos ." "Badasthingsget between thetwocountries, those inspection regimes have held up." "But working that our for..." "For cyber would be virtually impossible." "Where do you send your inspector?" "Inside the laptop of, you know..." "How many laptops are there in the United States and Russia?" "It's much more difficult in the cyber area to construct an international regime basedontreatycommitments andrulesof theroad andsoforth." "Although,we'vetriedtohave  discussionswiththeChinese andRussians andsoforthaboutthat , butit'sverydifficult." "Brown:" "Right now, thenormin cyberspaceis do whatever you can get away with." "That's not a good norm, but it's the norm that we have." "That'sthenorm that's preferred by states thatareengaginginlots of differentkindsof activities thattheyfeelare benefitting theirnationalsecurity." "Yadlin:" "Those who excel in cyber are trying to slow down the process of creating regulation." "Those who are victims we like the regulation to be in the open as..." "As soon as possible." "Brown:" "International law in this areaiswrittenbycustom, andcustomarylaw requiresa nationto say, thisiswhatwedid andthisis whywedidit." "And the U.S. doesn't want to push the law in that direction and so it chooses not to disclose its involvement." "And one of the reasons that I thought it was important to tell the story of olympic games was not simply because it's a cool spy story, it is, but it's because as a nation..." "We need to have a debate about how we want to use cyber weapons because we are the most vulnerable nation on earth to cyber-attack ourselves." "Mcgurk:" "If you get up in the morning and turn off your alarm andmakecoffeeand pumpgas andusetheatm , you'vetouched industrialcontrolsystems." "It'swhatpowersour lives." "And unfortunately, these systems are connected and interconnected in some ways that make them vulnerable." "Critical infrastructure systems generally were built years and years and years ago without security in mind and they didn't realize how things were gonna change, maybe they weren't even meant to be connected to the Internet." "And we've seen, through a lot of experimentation and through also, unfortunately, a lot of attacks that most of these systems are relatively easy for a sophisticated hacker to get into." "Let'ssayyoutookover  thecontrolsystem ofa railway." "Youcouldswitchtracks." "Youcouldcause derailmentsoftrains carryingexplosivematerials." "What if you were in the control systemofgaspipelines andwhenavalvewas supposedtobe open, itwasclosed andthepressurebuiltup andthepipelineexploded?" "There are companies that run electric power generation or electric power distribution thatweknowhavebeen hacked byforeignentities thathavetheability toshutdownthe powergrid ." "Sanger:" "Imagine for a moment thatnotonlyall the power wentoffon theeastcoast, buttheentireInternet camedown." "Imagine what the economic impact of that is even if it only lasted for 24 hours." "Newsreader:" "Accordingtotheofficials," "Iranisthefirstcountryever inthemiddleeast toactuallybe engaged ina cyberwar withtheUnitedStates andIsrael." "Ifanythingtheysaid therecentcyberattacks werewhatencouraged themtoplantosetup thecyberarmy,whichwill  gathercomputerscientists, programmers, softwareengineers..." "Kiyaei:" "If you are a youth andyouseeassassination ofa nuclearscientist, your nuclear facilities are getting attacked, wouldn't you join your national cyber army?" "Well, many did." "And that's why today, Iran has one of the largest..." "Cyber armies in the world." "So whoever initiated this and was very proud of themselves to see that little dip in Iran's centrifuge numbers, should look back now and acknowledge that it was a major mistake." "Very quickly, Iran sent a message to the United States, very sophisticated message, and they did that with two attacks." "First,theyattacked Saudiaramco, thebiggestoilcompany intheworld, andwipedouteverypiece ofsoftware, everylineof code, on30,000computerdevices." "Then Iran did a surge attack on the American banks." "The most extensive attack on American banks ever launched from the middle east, happening right now." "trying to bank online this week blocked,amongthetargets, bankofAmerica, pnc,andWellsFargo." "TheU.S.suspectshackers inIranmaybeinvolved." "NSA source:" "WhenIranhitour banks, wecouldhaveshutdown  theirbotnet, butthestatedepartment gotnervous, becausetheserversweren't actuallyinIran." "Sountiltherewas  adiplomaticsolution," "Obamalettheprivatesector dealwiththeproblem." "I imagine that in the white house situation room people sat around and said..." "Let me be clear, i don't imagine, I know." "People sat around in the white house situation room and said, "the iranians have sent us a message which is essentially, 'stop attacking us in cyberspace the way you did at natanz with stuxnet." "We can do it, too.'"" "Melman:" "There are unintended consequences ofthestuxnetattack." "You wanted to cause confusion and damage to the other side, but then the other side can do the same to you." "Themonsterturnedagainst itscreators, andnoweveryoneis inthisgame." "They did a good job in showing the world, including the bad guys, what you would need to do in order to cause serious trouble that could lead to injuries and death." "It's inevitable that more countries will acquire the capacity to use cyber, bothforespionage and for destructive activities." "Andwe'veseenthisinsomeof therecentconflicts that Russia's been involved in." "If there's a war, then somebody willtryto knockout  ourcommunicationsystem ortheradar." "Mcgurk:" "State-sponsored cybersleepercells, they'reoutthere everywheretoday." "Itcouldbe for communicationspurposes." "Itcouldbe for dataexfiltration." "It could be to, you know, Shepherd in the next stuxnet." "Imean,you'vebeenfocusing onstuxnet, butthatwasjustasmall part ofa muchlarger iranianmission." "Gibney:" "There was a larger iranianmission?" "NitroZeus." "Nz ." "Wespenthundredsofmillions, maybebillionson it ." "Intheeventthe Israelis didattackIran, weassumedwe wouldbedrawn intotheconflict." "Webuiltin attacksonIran 's command-and-controlsystem sotheiranianscouldn't talktoeachotherinafight." "Weinfiltratedtheirlads, militaryairdefensesystems, sotheycouldn'tshootdown  ourplanesif we flewover." "Wealsowentafter their civilian support systems, powergrids,transportation, communications, financialsystems." "Wewereinsidewaiting, watching, readytodisrupt,degrade, anddestroythosesystems withcyber-attacks." "Andincomparison, stuxnetwasabackalley operation." "Nzwastheplan fora full-scalecyberwar  withnoattribution." "The question is, is that the kind of world" "And if we don't, as citizens, how do we go about a process where we have a more sane discussion?" "We need an entirely new way of thinking about how we're gonna solve this problem." "You're not going to get an entirely new way of solving this problem until you begin to have an open acknowledgement that we have cyber weapons as well, and that we may have to agree to some limits on their use" "if we're going to get other nations to limit their use." "It's not gonna be a one-way street." "I'm old enough to have worked on nuclear arms control and biological weapons arms control and chemical weapons arms control." "And I was told in each of those types of arms control, when we were beginning," ""it's too hard." "There are all these problems." "It's technical." "There's engineering." "There's science involved." "There are real verification difficulties." "You'll never get there."" "Well, it took 20, 30 years in some cases, but we have a biological weapons treaty that's pretty damn good." "We have a chemical weapons treaty that's pretty damn good." "We've got three or four nuclear weapons treaties." "Yes, it may be hard, and it may take 20 or 30 years, but it'll never happen unless you get serious about it, and it'll never happen unless you start it." "Today, after two years of negotiations, the United States, together with our international partners, has achieved something that decades of animosity has not, a comprehensive, long-term deal with Iran that will prevent it from obtaining a nuclear weapon." "It was reached in lausanne, Switzerland, by Iran, the U.S., britain, France," "Germany, Russia, and China." "It is a deal in which Iran will cut its installed centrifuges by more than two thirds." "Iran will not enrich uranium with its advanced centrifuges for at least the next ten years." "It will make our country, our allies, and our world safer." "Netanyahu:" "Seventy years after the murder of 6 million Jews" "Iran's rulers promised to destroy my country, and the response from nearly every one of the governments represented here has been utter silence." "Deafening silence." "Perhaps you can now understand why Israel is not joining you in celebrating this deal." "History shows that America must lead, not just with our might, but with our principles." "It shows were are stronger, not when we are alone, but when we bring the world together." "Today's announcement marks one more chapter in this pursuit of a safer and more helpful, more hopeful world." "Thank you." "God bless you, and god bless the United States of America." "NSA source:" "EveryoneI knowis basically thrilledwiththeIrandeal ." "Sanctions and diplomacy worked." "Butbehindthatdeal wasa lotof confidence inourcybercapability." "We were everywhere inside Iran." "Stillare." "I'mnotgonnatellyou theoperationaldetails of what we can do going forward orwhere..." "Butthesciencefiction cyberwarscenarioishere ." "That'snitroZeus." "Butmyconcern andthereasonI'm talking..." "Isbecausewhenyou shutdown  acountry'spowergrid..." "Itdoesn'tjust popbackup ,youknow?" "It's more like humpty-dumpty..." "Andifallthe king'smen can'tturnthelightsback on orfilterthewater forweeks, thenlotsof peopledie ." "Andsomething wecando to others, theycando to us too." "Isthatsomething thatweshouldkeepquiet?" "Orshouldwe talkaboutit?" "Gibney:" "I've gone to many people inthisfilm, evenfriendsof mine, whowon'ttalktome abouttheNSAorstuxnet evenofftherecord forfearof goingtojail ." "Isthatfearprotectingus?" "No,butit protectsme." "OrshouldIsay we?" "I'm an actor playing a role written from the testimony of a small number of people from NSA and CIA, all of whom are angry about the secrecy but too scared to come forward." "Now, we're forward." "Well, forward-leaning." "or dataexfiltration." "It could be to, you know, Shepherd in the next stuxnet." "Imean,you'vebeenfocusing onstuxnet, butthatwasjustasmall part ofa muchlarger iranianmission." "Gibney:" "There was a larger iranianmission?" "NitroZeus." "Nz ." "Wespenthundredsofmillions, maybebillionson it ." "Intheeventthe Israelis didattackIran, weassumedwe wouldbedrawn intotheconflict." "Webuiltin attacksonIran 's command-and-controlsystem sotheiranianscouldn't talktoeachotherinafight." "Weinfiltratedtheirlads, militaryairdefensesystems, sotheycouldn'tshootdown  ourplanesif we flewover." "Wealsowentafter their civilian support systems, powergrids,transportation, communications, financialsystems." "Wewereinsidewaiting, watching, readyt"