Get PolitiFact in your inbox.

Jon Greenberg
By Jon Greenberg August 24, 2012

Group says Obama administration 'willfully leaked' existence of computer worm used against Iran

The group of former special forces soldiers and CIA officers behind the video Dishonorable Disclosure wants to make the case that the Obama administration is more than ready to sacrifice national security if it will boost the president’s popularity with voters. The group goes by the name Special Operations -- OPSEC, which stands for operations security.

We have rated two other claims. One was about the White House working with Hollywood producers and giving away intelligent sources and methods, which we rated Mostly False. The other was about whether the Obama administration gave away the identify of of a Pakistani doctor involved in the effort to find Osama bin Laden, which earned a False.

We now turn to the group's statement about the U.S. cyberattacks on Iran’s nuclear program. In the video, the announcer says, "This administration willfully leaked the existence of STUXNET, allowing our enemies to learn more of our secrets and of our operations."

"When we stand up and admit that we were part of putting STUXNET together with our Israeli friends," Bill Cowan, a retired Marine Lt. Colonel, said. "We have really undermined our ability to one, have the Israelis or anyone else work with us on the technology side, and second, we have made it very clear to the Iranians, who did it and who they need to be coming back to pay back."

We wondered if the Obama administration did reveal the nature of the computer worm STUXNET to the world, whether White House insiders shared information that they shouldn’t have, and in so doing, increased the national security threat to America.

We asked the OPSEC group for supporting information. They referred us to a June 2012 New York Times article and comments from two senators.

Zeroing in on STUXNET

STUXNET was a complex computer program that infected the centrifuges used by Iran to enrich uranium. It had two main lines of attack. One would take over the centrifuges and cause them to speed up until they shattered. The other component was especially deceptive. It recorded the pattern of normal operations and fed those signals to the machine technicians so they would never see what was actually going on until it was too late. With 15,000 lines of code, it was more sophisticated and, as computer security experts eventually learned, more targeted than any worm seen before. Needless to say, it was intriguing.

Much in the OPSEC claim hinges on what was known at various times, so let's start with a time line.

First, it's important to note there were revelations about a possible U.S. computer attack before Obama took office. When President George W. Bush was in office, he pushed the idea of targeting Iran's computers as an alternative to an Israeli air strike, according to a January 2009 New York Times article. The article relies on unnamed "senior American and foreign officials" and says, "Mr. Bush embraced more intensive covert operations actions aimed at Iran" that included the possibility of attacking the country's computer systems and networks.

We searched the Nexis database and found the earliest press reports on STUXNET came in late July 2010. Computer security firms had picked up an unusual virus that seemed to be found more in Iran than anywhere else. But there were just five articles in July and only two in August. The articles indicate the information came from private security companies, not the U.S. government.

The number shot up to nearly 150 articles in September. By that time, the experts had begun to pick STUXNET apart -- and they were impressed. Its subtleties and single focus on one type of German-made computer control device attracted a lot of attention. By the end of the month, the British newspaper The Independent, had the headline "Has West declared cyber war on Iran? Experts say the computer virus found in a nuclear plant is the work of a foreign power."

By October, reporters were talking about Israel as the likely force behind the virus. In November the Christian Science Monitor wrote of speculation that America and Israel had teamed up to build it. That same month, Iranian President Mahmoud Ahmadinejad acknowledged that Iranian equipment had been damaged.To some extent, not only was the worm complex, it was also an effective new weapon.

In January 2011 came a more robust linkage to the United States when the New York Times reported that "strong clues" pointed to a virus "designed as an American-Israeli project to sabotage the Iranian program." The article detailed that U.S. government engineers had studied the vulnerabilities of the control units that ran the Iranian centrifuges. It said those were the access points that STUXNET exploited. It described the kind of centrifuge used in Iran, the so-called P-1, and reported that an "American expert in nuclear intelligence, who spoke on the condition of anonymity, said the Israelis used machines of the P-1 style to test the effectiveness of STUXNET."

The article cited "officials familiar with the administration’s Iran strategy" as saying President Barack Obama had ordered researchers to move faster on a Bush administration project to target the electrical and computer systems around Natanz, Iran’s major uranium enrichment facility.

In June 2012, the New York Times reported that Obama personally had endorsed the operation called Olympic Games that produced STUXNET. The article relied on unnamed "members of the president’s national security team who were in the room" when the president and his top advisers discussed using the worm. It repeated many of the details in the earlier article but tied STUXNET into a broader strategy. It conveyed the administration’s reservations of unleashing a new form of warfare. It offered the president’s rationale for moving forward: A cyber attack would be better than a bombing run by Israel.

The attribution makes it clear that the Times reporter got considerable information from top officials in the Obama administration. The article cites "participants in the many Situation Room meetings" and "current and former American, European and Israeli officials involved in the program."

Congress reacts

Democrats and Republicans in Congress voiced alarm. Sen. Dianne Feinstein, D-Calif, and Sen. Saxby Chambliss, R-Ga., the chair and vice-chair of the Senate Intelligence Committee, issued a joint press release. They called the accelerating pace of leaks "unacceptable". They warned that "these disclosures have seriously interfered with ongoing intelligence programs and have put at jeopardy our intelligence capability to act in the future."

Sen. John McCain, R-Ariz., criticized the administration. "Our friends and allies," McCain said on the Senate floor, "Especially the Israelis, who have been compromised on the STUXNET operation, the virus in the Iranian nuclear program, of course, feel betrayed.

Obama shot back during a press conference.

"The notion that my White House would purposely release classified national security information is offensive. It's wrong," Obama said.

Obama said there were mechanisms to track down those who leaked and that if they were found, there would be consequences.

Obama also said "as I think has been indicated from these articles, whether or not the information they've received is true, the writers of these articles have all stated unequivocally that they didn't come from this White House. And that's not how we operate."

Actually, the source of the leak remains unclear. The person or persons were pretty clearly part of the administration, which could include the White House staff, the Pentagon or the CIA.

The day of that press conference, U.S. Attorney General Eric Holder named two federal prosecutors to investigate possible leaks of classified information by the Obama administration.

Defining a leak

The New York Times reporter who wrote the June story, David Sanger, was asked many times about White House leaks. On Face the Nation, Sanger diminished the administration’s role in his work.

"I spent a year working the story from the bottom up, and then went to the administration and told them what I had," Sanger said. "Then they had to make some decisions about how much they want to talk about it. All that you read about this being deliberate leaks out of the White House, it wasn't my experience."

Sanger underscored that the start of the story came when the worm spread out of Iran and was detected by computer security companies around the world. The time line of newspaper activity confirms the intense level of interest in STUXNET within the cyber community. The time line also shows that more than a year earlier, in 2011, a team of New York Times reporters had fleshed out and reported many of the details in the 2012 story with no apparent help from the Obama administration.

As for inflaming Iran’s desire to get even, Sanger was skeptical. "I would say that the Iranians had figured out two years ago they were being attacked," he said. And they "strongly suspected the United States and Israel."

But Steve Aftergood with the Federation of American Scientists, is less sanguine about the consequences. While Aftergood agrees that many people knew about STUXNET long before Sanger’s article, the implications of American acknowledgment of its role in unleashing the worm were potentially huge.

"The STUXNET operation was essentially an act of war," Aftergood told us. That’s why the sources in Sanger’s story needed to remain anonymous. To speak openly would open create a legal opening for Iran.

"A confirmed U.S. role in the operation would arguably entitle Iran -- under the laws of war -- to take reciprocal, proportionate offensive measures against the U.S., or to seek legal or financial remedies," Aftergood said.

Our ruling

The Special Operations OPSEC group said the administration "willfully leaked the existence of STUXNET, allowing our enemies to learn more of our secrets and of our operations."

There are big holes in this argument. As the time line shows, public knowledge of STUXNET long preceded any comment from any Obama administration official. There was extensive coverage and speculation about possible U.S. involvement months before June 2012. Our enemies didn't need the Obama administration to tell them this -- there was plenty of coverage before there was any attribution to Obama's team.

Still, it's clear that the Obama administration provided details -- including a quote from Obama himself in a meeting -- to the New York Times. So the administration -- broadly defined -- confirmed its operational role in the creation of the worm.

We rate the claim Half True.

Featured Fact-check

Our Sources

Special Operations OPSEC Education Fund,Dishonorable Disclosure, August 15, 2012

New York Times, Israel tests called crucial to Iran nuclear setback, January 15, 2011

New York Times, Obama order sped up wave of cyber-attacks against Iran, June 1, 2012

Wired, Sen. Feinstein calls for hearing on SUTXNET leaks as FBI begins probe, June 6, 2012

PolitiFact, Group blames Obama for linking CIA to Pakistani Doctor, August 22, 2012

PolitiFact, Group says Obama revealed secret information to Hollywood filmmakers, August 20, 2012

New York Times, U.S. rejected aid for Israeli raid on Iranian nuclear site, January 10, 2009

Email interview with Steven Aftergood, Federation of American Scientists, August 23, 2012

Wall Street Journal Abstracts, Virus attacks Siemens plant-control systems, July 22, 2010, accessed on Nexis

Christian Science Monitor, Stuxnet spyware targets industrial facilities, via USB memory stick, July 23, 2010, accessed on Nexis

Jerusalem Post, Iran targeted by computer worm, July 26, 2010, accessed on Nexis

Christian Science Monitor, Stuxnet malware is 'weapon' out to destroy Iran's Bushehr nuclear plant?, September 21, 2010, accessed on Nexis

The Independent (London), Has west declared cyber war on Iran?, September 28, 2010, accessed on Nexis

Weekend Australian, Israel and Iran on brink of virus-borne confrontation, October 16, 2010, accessed on Nexis

Christian Science Monitor, Stuxnet: Ahmadinejad admits cyberweapon hit Iran nuclear program, November 30, 2010, accessed on Nexis

Jerusalem Post, Stuxnet virus has set back Iran's nuclear program by 2 years, December 15, 2010, accessed on Nexis

PBS Interactive: Play the role of Stuxnet and sabotage a rogue nuclear weapons program, May 19, 2011

CBS News, Face the Nation,June 3, 2012

The Hill, Senate Democrats blast national security leak about cyberattack against Iran, June 5, 2012

Senate Select Committee on Intelligence, Press release on leaks of classified national security information, June 6, 2012

Executive Office of the President, Press Conference, June 8, 2012

Bloomberg News, U.S. names prosecutors to probe press leaks, June 9, 2012

CNN, Erin Burnett Out Front, June 4, 2012, accessed on Nexis

The Hill, Senate Democrats blast national security leak about cyberattack against Iran, June 5, 2012

Senate Select Committee on Intelligence,Press release on leaks of classified national security information, June 6, 2012

CNN International,June 6, 2012

Executive Office of the President, Press Conference, June 8, 2012

Bloomberg News, U.S. names prosecutors to probe press leaks, June 9, 2012

CNN, O’Brien and Sanger, June 6, 2012

CNN, Christiane Amanpour with David Sanger, June 8, 2012

Congressional Record, June 12, 2012

Browse the Truth-O-Meter

More by Jon Greenberg

Group says Obama administration 'willfully leaked' existence of computer worm used against Iran

Support independent fact-checking.
Become a member!

In a world of wild talk and fake news, help us stand up for the facts.

Sign me up