This a collection of the footnotes from Kim Zetter's incredible book Countdown to Zero Day which included references to resources available online. When I was reading the book, I found myself taking notes of all the pages containing links I could go to for further consumption - in case anyone else would have the same experience as me, I wanted to make it easy for someone to access all these linked resources. The edition that I read was the first paperback edition from Broadway Books with the ISBN 978-0-7704-3619-3 so I can't guarantee page numbers are correct for other editions that might be available.
Where necessary, I've tidied the links due to them changing since publication, containing errors or unnecessary jumplinks etc. If the link is dead I've tried to source an alternative or linked to a snapshot of it on the wonderful Internet Archive. Some of the footnotes contained references without URLs which I knew were probably available online so I've added links to them wherever possible. I'm also in the ongoing process of adding snapshots of all the links.
If you're in the UK, you can buy Countdown to Zero Day from hive.co.uk and check out @KimZetter on Twitter or read her articles online at The Intercept and Wired. You can also hear her talk about Stuxnet on an episode of the podcast Dark Net Diaries. And for even more Stuxnet, Michael Mann's fictional cyber thriller Blackhat was inspired by the attack.
On 02 September 2019, Kim Zetter and Huib Modderkolk published an article "Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran" after finally uncovering details of how the Natanz facility was originally infiltrated.
Please send any corrections or comments to @roddie_digital on Twitter.
Table of contents
Chapter 1 -- Early Warning
Chapter 2 -- 500 Kilobytes of Mystery
Chapter 3 -- Natanz
Chapter 4 -- Stuxnet Deconstructed
Chapter 5 -- Springtime for Ahmadinejad
Chapter 6 -- Digging for Zero Days
Chapter 7 -- Zero-Day Paydays
Chapter 8 -- The Payload
Chapter 9 -- Industrial Controls Out of Control
Chapter 10 - Precision Weapon
Chapter 11 - A Digital Plot Is Hatched
Chapter 12 - A New Fighting Domain
Chapter 13 - Digital Warheads
Chapter 14 - Son of Stuxnet
Chapter 15 - Flame
Chapter 16 - Olympic Games
Chapter 17 - The Mystery of the Centrifuges
Chapter 18 - Qualified Success
Chapter 19 - Digital Pandora
Chapter 1 - Early Warning
p7 ch1 3 Information about VirusBlokAda's encounter with the malware comes from interviews with Sergey Ulasen and Oleg Kupreev, as well as from an account published by Kaspersky Lab in 2011, after the Russian antivirus firm hired Ulasen away from VirusBlokAda. That interview, "The Man Who Found Stuxnet - Sergey Ulasen in the Spotlight," was published November 2, 2011.
p14 ch1 17 Krebs, a former Washington Post reporter, runs the KrebsonSecurity.com blog, which focuses on computer security and cybercrime. He published his post "Experts Warn of New Windows Shortcut Flaw" July 15, 2010.
p14 ch1 18 Lenny Zeltser, "Preempting a Major Issue Due to the .LNK Vulnerability - Raising Infocon to Yellow," published July 19, 2010.
p14 ch1 20 "Vulnerability in Windows Shell Could Allow Remote Code Execution," Microsoft advisory, August 2, 2010.
Chapter 2 - 500 Kilobytes of Mystery
p25 ch2 3 Nicolas Falliere, Liam O'Murchu, and Eric Chien, "W32.Stuxnet Dossier" (report, February 2011), 13-15. Symantec's extensive dossier describes in detail Stuxnet's technical specs and what each function in the code is designed to do.
Chapter 3 - Natanz
p44 ch3 14 "Experts Believe Iran May Be Developing Nuclear Capabilities," CNN Live on Location, December 13, 2002.
p45 ch3 15 Digital National Security Archive, "US Supplied Nuclear Material to Iran," January 29, 1980, (registration required). #todo sign up and grab this?
Dieter Bednarz and Erich Follath, "The Threat Next Door: A Visit to Ahmadinejad's Nuclear Laboratory," Spiegel Online, June 24, 2011.
p46 ch3 19 In fact, Iran discussed plans with Israel to adapt surface-to-surface missiles to fit them with nuclear warheads. See Paul Michaud, "Iran Opted for N-bomb Under Shah: Ex-Offical," Dawn, September 23, 2003.
p47 ch3 22 Institute for Science and International Security, "Excerpts from Internal IAEA Document on Alleged Iranian Nuclear Weaponization," October 2, 2009. The ISIS report is based on an IAEA internal document titled "Possible Military Dimensions of Iran's Nuclear Program."
p48 ch3 25 The items were listed on a handwritten document the IAEA obtained that was described in IAEA Board of Governors, "Director General, Implementation of the NPT Safeguards Agreement in the Islamic Republic of Iran, GOV/2005/67" (report, September 2, 2005), 5.
p49 ch3 26 In November 2007, according to the IAEA Board of Governors, Iran gave the IAEA a copy of the fifteen-page document, "Implementation of the NPT Safeguards Agreement and relevant provisions of Security Council resolutions 1737 (2006) and 1747 (2007) in the Islamic Republic of Iran" (report, February 22, 2008), 4. Iran claimed it had not requested the document but received it unsolicited from the black marketeers.
p49 ch3 27 Erich Follath and Holger Stark, "The Birth of a Bomb: A History of Iran's Nuclear Ambitions," Der Spiegel, June 17, 2010.
p49 ch3 28 IAEA Board of Governors, "Implementation of the NPT Safeguards Agreement in the Islamic Republic of Iran" (report, November 10, 2003), 5.
p50 ch3 31 IAEA Board of Governors, "Director General, Implementation of the NPT Safeguards Agreement" (report September 2, 2005), 5.
Chapter 4 - Stuxnet Deconstructed
Chapter 5 - Springtime for Ahmadinejad
p69 ch5 1 Khatami was speaking in Tehran on February 9, 2003, during a meeting between the Ministry of Science, Research and Technology and university chancellors. Parts of his speech were reported, "Khatami on the Right of All Nations to Nuclear Energy," Iran Watch.
p71 ch5 4 David Albright and Mark Hibbs, "Iraq's Nuclear Hide and Seek," Bulletin of the Atomic Scientists 47 (September 1991): 27. #todo google books
p72 ch5 8 David Albright and Corey Hinderstein, "The Iranian Gas Centrifuge Uranium Enrichment Plant at Natanz: Drawing from Commercial Satellite Images," ISIS, March 14, 2003.
[snapshot][pdf][fig 1][fig 2][fig 3][fig 4]
IAEA Board of Governors, "Implementation of the NPT Safeguards Agreement in the Islamic Republic of Iran" (report, June 6, 2003), 6.
p75 ch5 12 IAEA Board of Governors, "Implementation of the NPT Safeguards Agreement in the Islamic Republic of Iran" (report, November 10, 2003), 6-7.
p76 ch5 15 The information comes from a transcript of an announcement made by NCRI spokesman Alireza Jafarzadeh. "Iran-Nuclear: Iranian Regime's New Nuclear Sites."
p77 ch5 16 Rega Aghazadeh, vice president of Iran, in a letter to the IAEA on October 21, 2003, as quoted in IAEA Board of Governors, "Implementation of the NPT Safeguards Agreement in the Islamic Republic of Iran" (report, November 10, 2003), 4.
p78 ch5 19 Iran claimed the site had been razed beginning in December 2003 due to a land dispute between the Ministry of Defense and the city of Tehran. The site was razed in order to return the land to the city. See ISIS, "The Physics Research Center and Iran's Parallel Military Nuclear Program," February 23, 2012.
p79 ch5 20 Erich Follath and Holger Stark, "The Birth of a Bomb: A History of Iran's Nuclear Ambitions," Der Spiegel, June 17, 2010.
p80 ch5 23 Erich Follath and Holger Stark, "The Birth of a Bomb: A History of Iran's Nuclear Ambitions," Der Spiegel, June 17, 2010.
p80 ch5 24 David Albright, Jacqueline Shire, and Paul Brannan, "May 26, 2008 IAEA Safeguards Report on Iran: Centrifuge Operation Improving and Cooperation Lacking on Weaponization Issues," May 29, 2008.
p81 ch5 26 Karl Vick, "Iran's President Calls Holocaust 'Myth' in Latest Assault on Jews," Washington Post, Foreign Service, December 15, 2005.
p82 ch5 27 "06Kuwait71, Kuwait's Country Wide Radiation Monitoring System," US State Department cable from the US embassy in Kuwait to the State Department in Washington, DC, January 2006. Published by WikiLeaks.
p82 ch5 28 The assessment comes from Ariel (Eli) Levite, deputy directory general of the Israel Atomic Energy Commission, in a September 2005 US State Department cable from the Tel Aviv embassy, published by WikiLeaks.
p82 ch5 29 "06TelAviv293, Iran: Congressman Ackerman's January 5 Meeting at," US State Department cable from the US embassy in Tel Aviv, January 2006. Published by WikiLeaks. See page 200 in this book for an explanation of the problems.
p83 ch5 30 Privately, Israel and Russia both told the United States they believed Iran could actually master its enrichment difficulties within six months. See "06Cairo601, Iran; Centrifuge Briefing to Egyptian MFA," US State Department cable, February 2006, published by WikiLeaks.
p83 ch5 31 "06TelAviv688, Iran-IAEA: Israeli Atomic Energy Commission," US State Department cable, February 2006, published by WikiLeaks.
p84 ch5 34 "07Berlin1450, Treasury Under Secretary Levey Discusses Next," US State Department cable from the embassy in Berlin, July 2007, published by WikiLeaks. The cable mentions that at least thirty Iranian front companies had been established for procurement.
p85 ch5 37 Just when matters with Iran were at their most tense, North Korea tested a nuclear device. The deteriorating nuclear situation on multiple fronts prompted the Bulletin of the Atomic Scientists on January 17, 2007, to move the minute hand of its famous Doomsday Clock two minutes to midnight. Instead of seven minutes to Doomsday, it was now set to five.
p85 ch5 40 "Prime Minister Ehud Olmert's Address at the 2007 Herzliya Conference," January 24, 2007. A translation is available.
p86 ch5 41 "McConnell Fears Iran Nukes by 2015," Washington Times, February 27, 2007.
p86 ch5 42 Steven Lee Myers, "An Assessment Jars a Foreign Policy Debate About Iran," New York Times, December 4, 2007.
Chapter 6 - Digging for Zero Days
p94 ch6 7 Carsten Kohler, "Print Your Shell," Hakin9, April 1, 2009.
p95 ch6 8 The post on the English-language forum where the Siemens password was posted was available but the post has since been deleted.
Chapter 7 - Zero-Day Paydays
p102 ch7 1 Andy Greenberg, "Shopping for Zero-Days: A Price List for Hackers' Secret Software Exploits," Forbes, March 23, 2012.
p104 ch7 2 Charlie Miller, "The Legitimate Vulnerability Market: Inside the Secretive World of 0-Day Exploit Sales," Independent Security Evaluators, May 6, 2007.
p105 ch7 5 Greenberg, "Shopping for Zero-Days: A Price List for Hackers' Secret Software Exploits."
p107 ch7 6 Tonya Layman, "Rouland's Tech Security Firm Growing Fast," Atlanta Business Chronicle, June 11, 2011.
p110 ch7 8 From a press release titled "VUPEN Gets Entrepreneurial Company of the Year Award in the Vulnerability Research Market," June 1, 2006.
p110 ch7 9 The brochure, "VUPEN Threat Protection Program," is available.
p113 ch7 11 Ryan Naraine, "0-Day Exploit Middlemen Are Cowboys, Ticking Bomb," ZDNet.com, February 16, 2012.
p114 ch7 13 "The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies," Public Statement 2013 Plenary Meeting.
Chapter 8 - The Payload
p126 ch8 4 Con Coughlin, "Who's Blowing up Iran's Gas Pipelines?" The Telegraph, August 18, 2010.
p126 ch8 5 Argence France-Presse, "Suspected Kurd Rebels Blow up Iran-Turkey Gas Pipeline," July 2010.
p126 ch8 6 "Petrochemical Factory Blast Kills 4 in Iran," Associated Press, July 25, 2010.
p126 ch8 7 "Explosion in Petrochemical Complex in Asalouyeh Kills 5," Tabnak News Agency, August 4, 2010.
p126 ch8 8 Ivan Watso and Yesim Comert, "Kurdish Rebel Group Claims Responsibility for Gas Pipeline Blast," CNNWorld, July 21, 2010.
p127 ch8 9 Nicolas Falliere, "Stuxnet Introduces the First Known Rootkit for Industrial Control Systems," Symantec blog, August 6, 2010.
Chapter 9 - Industrial Controls Out of Control
p133 ch9 3 Industrial control system incidents are tracked in the RISI database (Repository of Industrial Security Incidents), which began recording incidents in 2001 but fell dormant between 2006 and 2009. The subscription database is maintained by the Security Incidents Organization.
p133 ch9 4 Mary Niland, "Computer Virus Brings Down Train Signals," Associated Press, August 20, 2003.
p133 ch9 5 See Kevin Poulsen, "Slammer Worm Crashed Ohio Nuke Plant Network," SecurityFocus, August 19, 2003.
p133 ch9 6 "Cybersecurity: Preparing for and Responding to the Enduring Threat," Speech to the Senate Committee on Appropriations, June 12, 2012.
p133 ch9 7 Lewis was speaking on the Diane Rehm radio show, broadcast by WAMU in Southern California, on June 4, 2012.
p135 ch9 9 "Teen Hacker Pleads Guilt to Crippling Mass. Airport" Boston Globe, March 19, 1998. EU readers can access a snapshot on archive.org
p135 ch9 10 "Teen Hacker Faces Federal Charges," CNN, March 18, 1998.
p136 ch9 11 "Critical Foundations: Protecting America's Infrastructures," President's Commission on Critical Infrastructure Protection, October 1997.
p136 ch9 12 "Electric Power Risk Assessment," National Security Telecommunications Advisory Committee, Information Assurance Task Force.
p138 ch9 16 Statistics referenced, "Electric Power Risk Assessment," Solar Storms.
p139 ch9 18 See Marshall Abrams and Joe Weiss, "Malicious Control System Cyber Security Attack Case Study - Maroochy Water Services, Australia," February 23, 2008.
p141 ch9 20 Barton Gellman, "Cyber-Attacks by Al Qaeda Feared," Washington Post, June 27, 2002.
p141 ch9 22 "Critical Infrastructure Sectors," CISA.
p142 ch9 25 Department of Homeland Security, "The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets" (report, The White House, February 2003), 9.
p145 ch9 28 Kim Zetter, "Hard-Coded Password and Other Security Holes Found in Siemens Control Systems," Wired.com, August 3, 2011.
p146 ch9 31 Kim Zetter, "Researchers Uncover Holes That Open Power Stations to Hacking," Wired.com, October 16, 2013.
p147 ch9 32 Jordan Robertson, "Science Fiction-Style Sabotage a Fear in New Hacks," Associated Press, October 23, 2011. Also available as a PDF.
p148 ch9 35 Kim Zetter, "10K Reasons to Worry About Critical Infrastructure," Wired.com, January 24, 2012.
p148 ch9 36 Paul F. Roberts, "Hacker Says Texas Town Used Three Character Password to Secure Internet Facing SCADA System," Threatpost blog, November 20, 2011.
p149 ch9 37 pr0f's statement, "The Grid: A Digital Frontier," appeared on the Pastebin site on November 18, 2011.
p150 ch9 39 Kim Zetter, "Chinese Military Linked to Hacks of More Than 100 Companies," Wired.com, February 19, 2013.
For more information on the specifics of the Telvent hack, see also Kim Zetter, "Maker of Smart-Grid Control Software Hacked," Wired.com, September 26, 2012.
p150 ch9 41 See Robert H. Anderson and Anthony C. Hearn, "An Exploration of Cyberspace Security R&D Investment Strategies for DARPA: The Day After . . . in Cyberspace II," RAND, 1996.
p151 ch9 42 Bill Gertz, "Computer-Based Attacks Emerge as Threat of Future, General Says," Washington Times, September 13, 2011.
p151 ch9 43 Joe P. Hasler, "Investigating Russia's Biggest Dam Explosion: What Went Wrong," Popular Mechanics, February 2, 2010.
p152 ch9 44 "Pipeline Rupture and Subsequent Fire in Bellingham, Washington June 10, 1999," published by the National Transportation Safety Board, 2002.
p153 ch9 45 "Pacific Gas and Electric Company Natural Gas Transmission Pipeline Rupture and Fire," National Transportation Safety Board, September 9, 2010.
p153 ch9 46 J. David Rogers and Conor M. Watkins, "Overview of the Taum Sauk Pumped Storage Power Plant Upper Reservoir Failure, Reynolds County, MO," presented at the 6th International Conference on Case Histories in Geotechnical Engineering, Arlington, VA, August 11-16, 2008.
p153 ch9 47 Emitt C. Witt III, "December 14th, 2005 Taum Sauk Dam Failure at Johnson's Shut-Ins Park in Southeast Missouri," National Oceanic and Atmospheric Administration.
p154 ch9 48 Lyndsey Layton, "Metro Crash: Experts Suspect System Failure, Operator Error in Red Line Accident," Washington Post, June 23, 2009.
p154 ch9 49 Graeme Baker, "Schoolboy Hacks into City's Tram System," Telegraph, January 11, 2008.
p157 ch9 51 A YouTube video of the simulation of smart-meter propagation can be seen online. As can Davis's presentation slides, "SmartGrid Device Security: Adventures in a New Medium," and two other smart meter simulations. PDF of the presentation.
p160 ch9 55 Rebecca Smith, "U.S. Risks National Blackout from Small-Scale Attack," Wall Street Journal, March 12, 2004. Free mirror for non-WSJ subscribers.
p161 ch9 57 Justin Blum, "Hackers Target US Power Grid," Washington Post, March 11, 2005.
p162 ch9 58 Florida Power and Light, "FPL Announces Preliminary Findings of Outage Investigation," February 29, 2008.
Chapter 10 - Precision Weapon
p168 ch10 3 Robert McMillan, "After Worm, Siemens Says Don't Change Passwords," PCWorld.com, July 19, 2010.
p169 ch10 5 ICS-CERT Advisory ICSA-10-201-01C, "USB Malware Targeting Siemens Control Software," August 2, 2010, with subsequent updates.
And ICS-CERT Advisory ICSA-10-238-01B, "Stuxnet Malware Mitigation," September 15, 2010.
p176 ch10 7 The screenshot, taken by a UPI photographer, of a computer screen at Bushehr, February 2009.
p179 ch10 9 The article appeared in the German newspaper Frankfurter Allgemeine Zeitung on September 22, 2010. The article is in German, but he describes its content in English in the blog post published on his website.
p180 ch10 11 Dan Williams, "Wary of Naked Force, Israelis Eye Cyberwar on Iran," July 7, 2009.
p180 ch10 12 "Serious nuclear accident may lay behind Iranian nuke chief's mystery resignation," WikiLeaks, July 17, 2009.
p180 ch10 13 "Iranian nuclear chief steps down," BBC News, July 16, 2009.
p182 ch10 15 John Markoff, "A Silent Attack, but Not a Subtle One," New York Times, September 26, 2010.
p183 ch10 16 Laurent Maillard, "Iran Denies Nuclear Plant Computers Hit by Worm," Agence France-Presse, September 26, 2010.
p183 ch10 17 David E. Sanger, "Iran Fights Malware Attacking Computers," New York Times, September 25, 2010.
p183 ch10 18 Ken Timmerman, "Computer Worm Wreaking Havoc on Iran's Nuclear Capabilities," Newsmax, April 27, 2011.
p183 ch10 19 Maillard, "Iran Denies Nuclear Plant Computers Hit by Worm."
p184 ch10 20 "Iran Military Official: Israel, US Behind Stuxnet Computer Worm," Associated Press, April 16, 2011.
Chapter 11 - A Digital Plot Is Hatched
p191 ch11 1 Spiegel staff, "Cables Show Arab Leaders Fear a Nuclear Iran," Der Spiegel, December 1, 2010.
p191 ch11 2 US State Department cable, from CDA Michael Gfoeller, April 20, 2008.
p191 ch11 3 "Cables Show Arab Leaders Fear a Nuclear Iran," Der Spiegel.
p191 ch11 4 Jeffrey Goldberg, "The Point of No Returns," The Atlantic Monthly, September 2010.
p192 ch11 7 Erich Follath and Holger Stark, "The Story of 'Operation Orchard': How Israel Destroyed Syria's Al Kibar Nuclear Reactor," Der Spiegel, November 2, 2009.
For more information about the electronic warfare used to take out the radar station, see David A. Fulghum, "U.S. Watches Israeli Raid, Provides Advice," Aviation Week, November 21, 2007.
p192 ch11 8 Julian Borger, "Israeli Airstrike Hit Military Site, Syria Confirms," Guardian, October 1, 2007.
p193 ch11 10 Tim Shipman, "U.S. Pentagon Doubts Israeli Intelligence Over Iran's Nuclear Program," Telegraph, July 5, 2008.
p193 ch11 11 US State Department cable, "Israeli NSA Eiland on Iranian Nuclear Threat," April 26, 2006, published by WikiLeaks.
p193 ch11 12 Erich Follath and Holger Stark, "The Birth of a Bomb: A History of Iran's Nuclear Ambitions," Der Spiegel, June 17, 2010.
p194 ch11 13 David E. Sanger, "U.S. Rejected Aid for Israeli Raid on Iranian Nuclear Site," New York Times, January 10, 2009.
p194 ch11 14 David E. Sanger, "Iran Moves to Shelter Its Nuclear Fuel Program," New York Times, September 1, 2011.
p196 ch11 16 David Albright and Paul Brannan, "New Tunnel Construction at Mountain Adjacent to the Natanz Enrichment Complex," ISIS, July 9, 2007.
See also William Broad, "Iran Shielding Its Nuclear Efforts in Maze of Tunnels," New York Times, January 5, 2010.
p197 ch11 17 The newsletter was later declassified. See Gus Weiss, "The Farewell Dossier: Strategic Deception and Economic Warfare in the Cold War," in Studies in Intelligence, 1996.
p201 ch11 24 Gholam Reza Aghazadeh interview, January 2007, with Ayande-ye (New Future). The interview itself is not online, but it's referenced in Sheila MacVicar and Farhan Bokhari, "Assessing Iran's Nuclear Program," CBS News, April 4, 2007. (Looks like this is for CBS subscribers only?)
p201 ch11 26 Sanger, "U.S. Rejected Aid for Israeli Raid"
p202 ch11 28 Ellen Nakashima and Joby Warrick, "Stuxnet Was Work of U.S. and Israeli Experts, Officials Say," Washington Post, June 2, 2012.
p203 ch11 29 Sanger, "U.S. Rejected Aid for Israeli Raid"
Chapter 12 - A New Fighting Domain
p204 ch12 1 John Arquilla and David Ronfeldt, "Cyberwar Is Coming!" published by RAND in 1993 and reprinted as chapter 2 in Arguilla and Ronfeldt's book In Athena's Camp: Preparing for Conflict in the Information Age (RAND, 1997).
p206 ch12 2 John Arquilla was speaking to PBS Frontline in 2003 for its show "CyberWar!"
p207 ch12 6 A thirty-nine-page book recounts the history of the 609th. A copy of the book, titled 609 IWS: A Brief History Oct. 1995-June 1999, was obtained under a FOIA request and is available online.
p208 ch12 7 John "Soup" Campbell speaking as part of a panel titled "Lessons from Our Cyber Past: The First Military Cyber Units," at the Atlantic Council, March 5, 2012. Campbell was the first commander of the Joint Task Force-Computer Network Defense in December 1998 and later was principal adviser to the CIA director on military issues. A transcript of the panel discussion can be found online.
p209 ch12 8 Bradley Graham, "U.S. Studies a New Threat: Cyber Attack," Washington Post, May 24, 1998.
p209 ch12 11 Maj. Gen. James D. Bryan, founding commander of the JTF-Computer Network Operations, speaking on the panel "Lessons from Our Cyber Past: The First Military Cyber Units."
p211 ch12 15 Author redacted, "IO, IO, It's Off to Work We Go," Cryptolog: The Journal of Technical Health (Spring 1997): 9. Cryptolog is an internal classified quarterly newsletter produced by and for NSA employees that includes everything from book reviews to employee profiles to technical articles about topics of interest. In 2013, the agency declassified issues published between 1974 and 1999 and released them publicly, though parts of them are still redacted. The archive is available online.
p212 ch12 19 William M. Arkin, "A Mouse that Roars?" Washington Post, June 7, 1999.
p212 ch12 20 Department of Defense Office of the General Counsel, "An Assessment of International Legal Issues in Information Operations," published May 1999.
p213 ch12 21 See "Software Problem Led to System Failure at Dhahran, Saudi Arabia," US Government Accountability Office, February 4, 1992. Direct link to PDF.
p213 ch12 22 Bryan, "Lessons from Our Cyber Past: The First Military Cyber Units."
p214 ch12 23 "The Information Operations Roadmap," dated October 30, 2003, is a seventy-four-page report that was declassified in 2006, though the pages dealing with computer network attacks are heavily redacted. Direct link to the PDF.
p215 ch12 24 Arquilla Frontline "CyberWar!" Interview. A Washington Post story indicates that attacks on computers controlling air-defense systems in Kosovo were launched from electronic-jamming aircraft rather than over computer networks from ground-based keyboards. Bradley Graham, "Military Grappling with Rules for Cyber," Washington Post, November 8, 1999.
p215 ch12 25 James Risen, "Crisis in the Balkans: Subversion; Covert Plan Said to Take Aim at Milosevic's Hold on Power," New York Times, June 18, 1999.
A Washington Post story says the plan never came to fruition. "We went through the drill of figuring out how we would do some of these cyber things if we were to do them," one senior military officer told the paper. "But we never went ahead with any." Graham, "Military Grappling with Rules for Cyber."
p215 ch12 26 John Markoff and H. Sanker, "Halted '03 Iraq Plan Illustrates US Fear of Cyberwar Risk," New York Times, August 1, 2009.
p216 ch12 27 David A. Fulghum, Robert Wall, and Amy Butler, "Israel Shows Electronic Prowess," Aviation Week, November 25, 2007. The article is no longer available on the Aviation Week website but has been preserved in full at warsclerotic.com
p216 ch12 28 "Electronic Warfare: DOD Actions Needed to Strengthen Management and Oversight," published by the US Government Accountability Office, July 2012.
p216 ch12 29 Eric Shmitt and Thom Shanker, "US Debated Cyberwarfare in Attack Plan on Libya," New York Times, October 17, 2011.
p217 ch12 30 Greg Miller, Julie Tate, and Barton Gellman, "Documents Reveal NSA's Extensive Involvement in Targeted Killing Program," Washington Post, October 16, 2013.
p217 ch12 31 Barton Gellman and Ellen Nakashima, "U.S. Spy Agencies Mounted 231 Offensive Cyber-Operations in 2011, Documents Show," Washington Post, August 30, 2013.
p218 ch12 32 The NSA accomplishes this by installing the implant in the BIOS of machines as well as in the master boot record—core parts of the hard drive that don't get wiped when software on the computer gets upgraded or erased. See "Interactive Graphic: The NSA's Spy Catalog," Spiegel Online.
p219 ch12 34 Glenn Greenwald and Ewen MacAskill, "Obama Orders US to Draw up Overseas Target List for Cyber-Attacks," Guardian, June 7, 2013. The eighteen-page Presidential Policy Directive 20 was issued in October 2012, and refers to offensive cyberattacks as Offensive Cyber Effects Operations.
p219 ch12 35 Gellman and Nakashima, "U.S. Spy Agencies Mounted 231 Offensive Cyber-Operations"
p220 ch12 36 Roger A. Grimes, "In His Own Words: Confessions of a Cyber Warrior," InfoWorld, July 9, 2013.
p222 ch12 40 Joseph Menn, "Special Report: US Cyberwar Strategy Stokes Fear of Blowback," Reuters, May 10, 2013.
p223 ch12 42 Summer Lemon, "Average Zero-Day Bug Has 348-Day Lifespan, Exec Says," IDG News Service, July 9, 2007.
p223 ch12 43 Robert Lemos, "Zero-Day Attacks Long-Lived, Presage Mass Exploitation," Dark Reading, October 18, 2012. The research was conducted by Symantec.
p224 ch12 45 Michael Riley, "U.S. Agencies Said to Swap Data with Thousands of Firms," Bloomberg, June 14, 2013.
Chapter 13 - Digital Warheads
p237 ch13 6 Eric Chien, "Stuxnet: A Breakthrough," Symantec blog, November 12, 2010.
p239 ch13 7 "Iranian Nuclear Scientist Killed in Motorbike Attack," BBC, November 29, 2010.
p240 ch13 8 William Yong and Robert F. Worth, "Bombings Hit Atomic Experts in Iran Streets," New York Times, November 29, 2010.
p240 ch13 11 Dieter Bednarz and Ronen Bergman, "Israel's Shadowy War on Iran: Mossad Zeros in on Tehran's Nuclear Program," Spiegel Online, January 17, 2011.
p240 ch13 12 "Iran's Chief Nuclear Negotiator: 'We Have to Be Constantly on Guard,'" Der Spiegel, January 18, 2011.
p241 ch13 13 In a 2014 interview, Alimohammadi's widow said that her husband had indeed been secretly working on Iran's nuclear program. See Scott Peterson, "Covert War Against Iran's Nuclear Scientists: A Widow Remembers," Christian Science Monitor, July 17, 2014.
p241 ch13 14 "How West Infiltrated Iran's Nuclear Program, Ex-Top Nuclear Official Explains," Iran's View, March 28, 2014.
p241 ch13 15 Yong and Worth, "Bombings Hit Atomic Experts in Iran Streets."
p242 ch13 17 Yong and Worth, "Bombings Hit Atomic Experts in Iran Streets."
p247 ch13 18 William J. Broad, John Markoff, and David E. Sanger, "Israeli Test on Worm Called Crucial in Iran Nuclear Delay," New York Times, January 15, 2011.
Chapter 14 - Son of Stuxnet
p259 ch14 8 Dugald McConnel, "Iranian Official: New Computer Worm Discovered," CNN, April 27, 2011.
p261 ch14 11 Symantec's Duqu report, "W32.Duqu: The Precursor to the Next Stuxnet", November 23, 2011.
p267 ch14 20 Kelly Jackson Higgins, "Same Toolkit Spawned Stuxnet, Duqu, and Other Campaigns," Dark Reading, January 3, 2012.
p270 ch14 24 A blogger for the Finnish antivirus firm F-Secure called it "one badass exploit." November 2, 2011, "Duqu Attack's Installer Discovered."
p270 ch14 26 See "When Volcanic Ash Stopped a Jumbo at 37,000ft," BBC, April 15, 2010.
Chapter 15 - Flame
p284 ch15 9 Kim Zetter, "Meet Flame, the Massive Spy Malware Infiltrating Iranian Computers," Wired.com, May 28, 2012.
p288 ch15 14 Slides for the presentation "MD5 Considered Harmful Today: Creating a Rogue CA Certificate" by Sotirov and his colleagues.
p290 ch15 18 Ellen Nakashima, "U.S., Israel Developed Flame Computer Virus to Slow Iranian Nuclear Efforts, Officials Say," Washington Post, June 19, 2012.
Chapter 16 - Olympic Games
p308 ch16 1 The comment appeared in a post about Ahmadinejad's tour published on the Arms Control Wonk website. William J. Broad, "A Tantalizing Look at Iran's Nuclear Program," New York Times, April 29, 2008.
p309 ch16 3 Joby Warrick, "U.S. Is Said to Expand Covert Operations in Iran," Washington Post, June 30, 2008.
p314 ch16 11 David E. Sanger and Thom Shanker, "N.S.A. Devises Radio Pathway into Computers," New York Times, January 14, 2014.
p317 ch16 16 William J. Broad, John Markoff, and David E. Sanger, "Israeli Test on Worm Called Crucial in Iran Nuclear Delay," New York Times, January 15, 2011.
p328 ch16 27 IAEA Report to the Board of Governors, "Implementation of the NPT Safeguards Agreement and Relevant Provisions of Security Council Resolutions 1737 (2006) and 1747 (2007) in the Islamic Republic of Iran," November 15, 2007.
p329 ch16 30 David Albright, Jacqueline Shire, and Paul Brannan, "Is Iran Running Out of Yellowcake?," Institute for Science and International Security, February 11, 2009. This doesn't document doesn't display correctly for me in Linux using Firefox or Evince but YMMV...
Barak Ravid, "Israel Slams Clinton Statement on Nuclear Iran," Ha'aretz, July 22, 2009.
Mark Fitzpatrick, "Statement Before the Senate Committee on Foreign Relations," March 3, 2009.
p330 ch16 31 See IAEA Board of Governors Report, "Implementation of the NPT Safeguards Agreement and Relevant Provisions of Security Council Resolutions 1737 (2006), 1747 (2007) and 1803 (2008) in the Islamic Republic of Iran," September 15, 2008.
p331 ch16 33 David Albright, Jacqueline Shire, and Paul Brannan, "IAEA Report on Iran: Centrifuge Operation Significantly Improving; Gridlock on Alleged Weaponization Issues," September 15, 2008.
p332 ch16 34 Yadegari was convicted, and an explanation from the Ontario Court of Justice detailing the reasons for his conviction can be found on the website of the Institute for Science and International Security.
p333 ch16 35 Broad, Markoff, and Sanger, "Israeli Test on Worm Called Crucial in Iran Nuclear Delay."
p333 ch16 36 Mike Shuster, "Inside the United States' Secret Sabotage of Iran," NPR.org, May 9, 2011.
p333 ch16 37 Rebecca Harrison, "Obama Says Nuclear Iran Poses ‘Grave Threat,'" Reuters, July 23, 2008.
p334 ch16 39 Kim Zetter, "Obama Says New Cyberczar Won't Spy on the Net," Wired, May 29, 2009.
p334 ch16 40 Philip Sherwell, "Israel Launches Covert War Against Iran," Telegraph, February 16, 2009.
p334 ch16 41 David Sanger, "U.S. Rejected Aid for Israeli Raid on Iranian Nuclear Site," New York Times, January 10, 2009.
p335 ch16 42 "President Barack Obama's Inaugural Address," The White House, January 21, 2009.
p335 ch16 43 "Videotaped Remarks by The President in Celebration of Nowruz," The White House, March 20, 2009.
Chapter 17 - The Mystery of the Centrifuges
p338 ch17 3 David Albright and Jacqueline Shire, "IAEA Report on Iran: Centrifuge and LEU Increases; Access to Arak Reactor Denied; No Progress on Outstanding Issues," June 5, 2009.
p338 ch17 4 Albright and Shire, IAEA Report, June 5, 2009.
p339 ch17 7 "Dubai Firm Implicated in Iran 'Bomb Components' Investigation in US," Khaleej Times, May 12, 2006.
p340 ch17 9 The case is US District Court, Mayrow General Trading et al., Indictment, September 11, 2008. Snapshot available at archive.org.
p342 ch17 12 William Broad, "A Tantalizing Look at Iran’s Nuclear Program," New York Times, April 29, 2008.
p344 ch17 15 IAEA, "Implementation of the NPT Safeguards Agreement and Relevant Provisions of Security Council Resolution 1737 (2006), 1747 (2007), 1803 (2008) and 1835 (2008) in the Islamic Republic of Iran," February 18, 2010.
p345 ch17 16 "Statements by President Obama, French President Sarkozy, and British Prime Minister Brown on Iranian Nuclear Facility," September 25, 2009, at the Pittsburgh Convention Center in Pittsburgh, Pennsylvania.
p346 ch17 18 William Broad, "Iran Shielding Its Nuclear Efforts in Maze of Tunnels," New York Times, January 5, 2010.
p346 ch17 19 "Statements by President Obama, French President Sarkozy, and British Prime Minister Brown on Iranian Nuclear Facility," the White House.
p346 ch17 20 David E. Sanger, "Dissidents Claim Iran Is Building a New Enrichment Site," New York Times, September 9, 2010.
p346 ch17 21 Broad, "Iran Shielding Its Nuclear Efforts."
p347 ch17 22 US State Department cable, "40th Joint Political-Military Group: Executive," November 18, 2009, published by WikiLeaks.
p347 ch17 23 Dieter Bednarz, Erich Follath, and Holger Stark, "Intelligence from Tehran Elevates Concern in the West," Der Spiegel, January 25, 2010.
p347 ch17 24 Erich Follath and Holger Stark, "The Birth of a Bomb: A History of Iran's Nuclear Ambitions," Der Spiegel, June 17, 2010.
p348 ch17 25 Olli J. Heinonen, "Iran Ramping Up Uranium Enrichment," Power and Policy blog, July 20, 2011, published by the Belfer Center at Harvard Kennedy School, July 20, 2011.
p349 ch17 26 "Remarks of President Obama Marking Nowruz," the White House, March 20, 2010.
p355 ch17 35 "How West Infiltrated Iran's Nuclear Program, Ex-Top Nuclear Official Explains," Iran's View, March 28, 2014.
p356 ch17 37 David Albright, Paul Brannan, and Andrea Stricker, "What Is Iran’s Competence in Operating Centrifuges?" ISIS, July 26, 2010.
p356 ch17 39 David Albright et al., "Natanz Enrichment Site: Boondoggle or Part of an Atomic Bomb Production Complex?" ISIS, September 21, 2011.
p357 ch17 40 IAEA Board of Governors, "Implementation of the NPT Safeguards Agreement and the Relevant Provisions of Security Council Resolutions in the Islamic Republic of Iran" (report, November 23, 2010).
Chapter 18 - Qualified Success
p359 ch18 1 David Albright, Paul Brannan, and Christina Walrond, "Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment," Institute for Science and International Security, December 22, 2010.
p360 ch18 2 William J. Broad, John Markoff, and David E. Sanger, "Israeli Test on Worm Called Crucial in Iran Nuclear Delay," New York Times, January 15, 2011.
p360 ch18 3 Yossi Melman, "Outgoing Mossad Chief: Iran Won't Have Nuclear Capability Before 2015," Ha'aretz, January 7, 2011.
p361 ch18 4 Mark Landler, "U.S. Says Sanctions Hurt Iran Nuclear Program," New York Times, January 10, 2011.
p361 ch18 5 Ivanka Barzashka, "Are Cyber-Weapons Effective?" Royal United Services Institute for Defense and Security Studies, July 23, 2013.
p362 ch18 6 David Albright and Christina Walrond, "Performance of the IR-1 Centrifuge at Natanz," Institute for Science and International Security, October 18, 2011.
p362 ch18 7 Olli J. Heinonen, "Iran Ramping Up Uranium Enrichment," Power and Policy blog, July 20, 2011, published by the Belfer Center at Harvard Kennedy School, July 20, 2011.
p362 ch18 8 Barzashka, "Are Cyber-Weapons Effective?"
p363 ch18 9 David Albright, Jacqueline Shire, and Paul Brannan, "Enriched Uranium Output Steady: Centrifuge Numbers Expected to Increase Dramatically; Arak Reactor Verification Blocked," Institute for Science and International Security, November 19, 2008.
p364 ch18 12 IAEA Board of Governors, "Implementation of the NPT Safeguards Agreement and Relevant Provisions of Security Council Resolutions in the Islamic Republic of Iran" (report, September 6, 2010), 3.
p366 ch18 15 Ulrike Putz, "Mossad Behind Tehran Assassinations, Says Source," Spiegel Online, August 2, 2011.
"Israel Responsible for Iran Killing: Report," Global Security Newswire, August 2, 2011.
p367 ch18 16 Saeed Kamali Dehghan and Julian Borger, "Iranian Nuclear Chemist Killed by Motorbike Assassins," Guardian, January 11, 2012.
Zvi Bar'el, "Iran Domestic Tensions Boil as West Battles Its Nuclear Program," Ha'aretz, April 8, 2014.
p367 ch18 17 David E. Sanger and William J. Broad, "Blast That Leveled Base Seen as Big Setback to Iran Missiles," New York Times, December 4, 2011.
p367 ch18 18 Sheera Frenkel, "Second Blast 'Aimed at Stopping Tehran's Nuclear Arms Plans'," Times (London), November 30, 2011 (available online for subscribers only).
p368 ch18 19 "Sources: Iran Exposed Spying Device at Fordo Nuke Plant," Ynet (online news site for the Israeli newspaper Yediot Ahronot), September 23, 2012.
p368 ch18 20 Fredrik Dahl, "Terrorists Embedded in UN Nuclear Watchdog May Be Behind Power Line Explosion," Reuters, September 17, 2012.
p368 ch18 21 Eli Lake, "Operation Sabotage," New Republic, July 14, 2010.
p369 ch18 22 George Jahn, "UN Reports Iran Work 'Specific' to Nuke Arms," Associated Press, November 8, 2011.
p369 ch18 23 Ali Vaez, "It's Not Too Late to Peacefully Keep Iran from a Bomb," The Atlantic, November 11, 2011.
p369 ch18 24 "Iran Says United and 'Ready for War' with Israel," Ha'aretz, November 3, 2011.
p369 ch18 25 Anne Gearan and Joby Warrick, "Iran, World Powers Reach Historic Nuclear Deal," Washington Post, November 23, 2013.
Chapter 19 - Digital Pandora
p371 ch19 1 "Remarks by the President on Securing Our Nation's Cyber Infrastructure," The White House, May 29, 2009.
Thomas Claburn, "CIA Admits Cyberattacks Blacked Out Cities," InformationWeek, January 18, 2008.
Marcelo Soares, "WikiLeaked Cable Says 2009 Brazilian Blackout Wasn't Hackers, Either," Wired.com, December 6, 2010.
p373 ch19 2 David E. Sanger, "Obama Order Sped Up Wave of Cyberattacks Against Iran," New York Times, June 1, 2012.
p373 ch19 3 "Iran's Supreme Leader Tells Students to Prepare for Cyber War," Russia Today, February 13, 2014.
p373 ch19 4 Ellen Nakashima, "Pentagon to Boost Cybersecurity Force," Washington Post, January 27, 2013.
p373 ch19 5 Ellen Nakashima, "With Plan X, Pentagon Seeks to Spread U.S. Military Might to Cyberspace," Washington Post, May 30, 2012.
p374 ch19 6 Interview with Michael V. Hayden, in "Stuxnet: Computer Worm Opens New Era of Warfare," 60 Minutes, CBS, originally aired June 4, 2012. For non subscribers, part of it is available on their YouTube channel.
p374 ch19 8 Kevin Haley, "Internet Security Predictions for 2011: The Shape of Things to Come," Symantec blog, November 17, 2010.
p375 ch19 9 Kennette Benedict, "Stuxnet and the Bomb," Bulletin of the Atomic Scientists, June 15, 2012.
p376 ch19 11 Marcus Ranum, "Parsing Cyberwar-Part 4: The Best Defense Is a Good Defense," published on his Fabius Maximus blog, August 20, 2012.
p377 ch19 142 Grant Gross, "Security Expert: US Would Lose Cyberwar," IDG News Service, February 23, 2010.
p377 ch19 14 Gerry Smith, "Stuxnet: U.S. Can Launch Cyberattacks but Not Defend Against Them, Experts Say," Huffington Post, June 1, 2012.
p377 ch19 15 Prepared statement to the Strategic Forces Subcommittee of the House Committee on Armed Services, for a hearing on March 17, 2009.
p380 ch19 19 Barbara Opall-Rome, "Israeli Cyber Game Drags US, Russia to Brink of Mideast War," Defense News, November 14, 2013. Unfortunately this is a dead link and I can't find an alternative.
p380 ch19 20 "Israel Combats Cyberattacks, 'Biggest Revolution in Warfare,'" UPI, January 31, 2014.
p381 ch19 21 Marcus Ranum, "Parsing Cyberwar-Part 3: Synergies and Interference," published on his Fabius Maximus blog, August 13, 2012.
p381 ch19 22 Thomas Rid, "Think Again: Cyberwar" Foreign Policy, March/April 2012.
p382 ch19 24 James A. Lewis, "Cyberwar Thresholds and Effects," IEEE Security and Privacy (September 2011): 23-29. The document is available upon request only.
p383 ch19 25 Rid, "Think Again: Cyberwar."
p384 ch19 28 James A. Lewis in testimony before the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, March 16, 2012.
p384 ch19 29 James A. Lewis, "Thresholds for Cyberwar," Center for Strategic and International Studies, September 2010.
p385 ch19 31 W. Earl Boebert, "A Survey of Challenges in Attribution," Proceedings of a Workshop on Deterring Cyber Attacks: Informing Strategies and Developing Options for US Policy. Published by the National Academy of Sciences.
p387 ch19 33 Chris Carroll, "Cone of Silence Surrounds U.S. Cyberwarfare," Stars and Stripes, October 18, 2011.
p388 ch19 34 David E. Sanger, "America's Deadly Dynamics with Iran," New York Times, November 5, 2011.
p388 ch19 35 Page 36 of "Threat Report H1 2013," F-Secure.
p388 ch19 36 Dennis Fisher, "Nation-State Attackers Are Adobe's Biggest Worry," ThreatPost, a security blog published by Kaspersky Lab, September 20, 2011.
p389 ch19 37 Speaking to the Senate Committee on Appropriations, "Cybersecurity: Preparing for and Responding to the Enduring Threat," June 12, 2013.
p390 ch19 39 The President's Review Group on Intelligence and Communications Technologies, "Liberty and Security in a Changing World" (report, December 12, 2013), 37.
p391 ch19 41 "Advance Questions for Vice Admiral Michael S. Rogers, USN, Nominee for Commander, United States Cyber Command," available on the Senate Armed Services Committee website.
p391 ch19 42 David E. Sanger, "Obama Lets N.S.A. Exploit Some Internet Flaws, Officials Say," New York Times, April 12, 2014.
p391 ch19 43 Kim Zetter, "Obama: NSA Must Reveal Bugs Like Heartbleed, Unless They Help the NSA," Wired.com, April 15, 2014.
p396 ch19 47 Stephen Cobb, "The Negative Impact on GDP of State-Sponsored Malware Like Stuxnet and Flame," We Live Security blog, June 13, 2012.
p396 ch19 48 William A. Owens, Kenneth W. Dam, and Herbert S. Lin, (eds.), "Technology, Policy, Law, and Ethics Regarding US Acquisition and Use of Cyberattack Capabilities," National Academies Press, 2009.
p396 ch19 49 Ellen Nakashima, "List of Cyber-Weapons Developed by Pentagon to Streamline Computer Warfare," Washington Post, May 31, 2011.
p397 ch19 50 Lolita Baldor, "Pentagon Gets Cyberwar Guidelines," Associated Press, June 22, 2011. I've updated the link but seems like the stylesheet is missing.
p397 ch19 51 Glenn Greenwald and Ewen MacAskill, "Obama Orders US to Draw up Overseas Target List for Cyber-Attacks," Guardian, June 7, 2013. Presidential Policy Directive 20 was issued in October 2012, according to the paper.
p398 ch19 53 "International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World," The White House, May 2011.
p399 ch19 55 Carroll, "Cone of Silence"
p400 ch19 56 Michael N. Schmitt, general editor, Tallinn Manual on the International Law Applicable to Cyber Warfare, NATO Cooperative Cyber Defence Centre of Excellence.
p401 ch19 57 Thomas Rid, "Think Again: Cyberwar" Foreign Policy, February 27, 2012.
p404 ch19 62 Cilluffo was speaking at a hearing on the "Iranian Cyber Threat to the US Homeland" for a Joint Subcommittee Hearing of the Committee on Homeland Security, April 26, 2012.
p405 ch19 63 Brown has written a paper on the issue. See Gary D. Brown and Andrew O. Metcalf, "Easier Said Than Done: Legal Reviews of Cyber Weapons," Journal of National Security Law and Policy, published by Georgetown Law, February 12, 2014.