Eric Chien, a leading cybersecurity expert at Symantec, discusses the Showtime doc "Zero Days," how he uncovered the Stuxnet cyberattack on Iran, the election hackers, and much more.
Acclaimed filmmaker Alex Gibney's latest chronicles the Stuxnet computer virus, a cyberweapon said to be created by the U.S. and Israel that targeted the Natanz nuclear enrichment lab in Iran, decommissioning approximately 1,000 centrifuges and slowing down the country's nuclear program. Stuxnet was part of Operation Olympic Games, a covert campaign waged by the two countries against Iran's nuclear facilities that began under President George W. Bush in 2006, and continued under President Barack Obama. "Olympic Games is likely the most significant covert manipulation of the electromagnetic spectrum since World War II, when cryptanalysts broke the Enigma cipher that allowed access to Nazi codes," wrote The Atlantic.
Zero Days interviews several CIA and NSA employees who assert that Olympic Games was part of a much larger Iranian cyber mission called Nitro Zeus. In the event that Israel launched airstrikes against Iran, the U.S. and Israel allegedly infiltrated Iranian command and control systems so they couldn't speak to each other in a fight; their IADs, or missile defense systems; electricity grid; transportation; and financial systems. "We were inside waiting, watching, ready to disrupt, degrade, and destroy those systems with cyberattacks," the agents say in the film. "We were everywhere inside Iran. Still are."
One of the computer experts who decoded and investigated Stuxnet was Eric Chien, a cybersecurity expert at Symantec whose job, he says, consists of anything from protecting your 16-digit credit card number to protecting things like U.S. critical infrastructure. His job, more specifically, is to examine all the latest cyberattacks in order to understand how the attackers work, how their programs work, and how to build protections against them.
The Daily Beast spoke to Chien about state-sponsored cyberwarfare, the hacks on the Democratic National Committee and Clinton campaign chief John Podesta, and why we shouldn't be too worried about hacking on Election Day.
The issue has come to the fore in the 2016 U.S. general elections. The Department of Homeland Security and the Office of the Director of National Intelligence, a combined 17 intelligence agencies, issued a statement saying Russia was behind the election hacking.
I understand you and your firm have spent significant time analyzing the DNC and Podesta hackers. What groups are responsible, and how did you decide attribution?
We've analyzed the tools, the binaries, and the infrastructure that was used in the two attacks, and from that we can confirm that it's connected to a group that has two names. One is Sofacy, or Cozy Bear, and The Dukes, which is also known as Fancy Bear. From the binary analysis point of view, I can tell you that the activities of these attackers have been during Russian working hours, centered on either UTC+3 or UTC+4; they don't work Russian holidays; they work Monday to Friday; there are speech identifiers inside that are Russian; when you look at all the victim profiles, they would be of interest to the Russian nation-state. So all of that stuff fits the specific characteristics. Now, could all those things be false flags? Sure. Other government entities plainly have come out and said it is the Russian state, and the binary forensics would definitely match that.