According to history books, the Olympic Games have Greek roots and are considered the world's foremost sports competition.
According to the United States administration, Olympic Games has American roots and is considered the US’s first cyber-attack program.
What is “Olympic Games”, and how did its roots become American?
Olympic Games, from an American perspective, dates back to 2006, when the US administration decided to launch a cyber-attack against the Iranian nuclear program. The NYTimes states that "having falsely accused Saddam Hussein of reconstituting his nuclear program in Iraq, Mr. Bush had little credibility in publicly discussing another nation’s [Iran] nuclear ambitions."
In addition, the US administration has stated that “they would only further inflame a region already at war”. With few ‘good’ options for dealing with the Iranians, the US put Olympic Games into action.
Step 1 – Beacon
The first phase of the Olympic Games operation was to gain knowledge of Natanz’s main infrastructure. The Natanz nuclear facility is recognized as one of Iran's main nuclear enrichment facilities, with more than 5000 centrifuges.
A ‘beacon’ was developed for this purpose and introduced into the facility using “social engineering”. After a few months, the ‘beacon’ reported home: the US had the electrical blueprint of the Natanz plant in hand and was able to understand how the computers there worked.
The main idea was to build the equivalent of the Natanz plant in order to test additional ‘beacons’ before introducing them into Iran.
Step 2 – Virtual Replica
Back in 2003, Libya decided to stop its nuclear weapons program and therefore placed the centrifuges in storage at a weapons laboratory.
Under extreme secrecy, the US “borrowed” these centrifuges and started “reproducing” the Natanz Plant.
The next phase was to create ‘malware’ able to conceal itself inside Natanz’s information system and invade the computers.
Step 3 – Stuxnet
After several attempts in the “test environment”, the ‘malware’ was declared ready to be deployed against the real target: Iran’s underground enrichment plant.
Spies with physical access to the plant spread the first variants of the ‘malware’ inside Natanz, and the centrifuges began spinning out of control in 2008.
“When it attacked, it sent signals to the Natanz control room indicating that everything downstairs was operating normally”, according to one of the US officials who spoke to the NYTimes.
The US was regularly updating the ‘malware’ and sending it into Natanz to conduct additional attacks.
In the summer of 2010, a new variant was sent but, surprisingly, it contained a bug. It broke free, left Natanz and replicated itself all around the world, exposing the code in the wild.
This is the origin of ‘Daddy’ Stuxnet, according to NYTimes.
Cyberweapon Future
On September 23, 2010, experts told the BBC that Stuxnet [discovered in June 2010] is one of the most sophisticated pieces of malware ever detected [and] is probably targeting "high value" infrastructure in Iran.
On October 18, 2011, FoxNews revealed the presence of a “Baby” boy ‘Duqu’ that “shares a great deal of code with Stuxnet [but its] payload is completely different”.
On May 28, 2012, Iran National CERT (Maher) announced the discovery of a highly sophisticated malicious program codenamed “Flame”, which occupies more than 20 MB of code.
Consider this: it took Kaspersky, the Russian antivirus company, several months to analyze Stuxnet’s 500 KB of code. How many months will it take them to fully understand the 20 MB of code in Flame?
-- Written by Georgy Kfoury (@GerogyKfoury).
This article is adapted from “Obama Order Sped Up Wave of Cyberattacks Against Iran - NYTimes” written by David Sanger posted on June 1st, 2012.