Jeffrey LewisIAEA Hacking

A group presenting itself as Iranian — the call themselves Parastoo, which is apparently Farsi for “swallow” — somehow acquired an old IAEA server.  The machine was not wiped clean of data. Parastoo has now posted some of the data online, vaguely threatening a number of persons with compromised emails, unless they sign a petition demanding the IAEA open an investigation into Israel’s nuclear weapons activities:

WE ASK THESE INDIVIDUALS TO SIGN A PETITION DEMANDING AN OPEN IAEA INVESTIGATION INTO ACTIVITIES AT DIMONA . WE WOULD LIKE TO ASSERT THAT WE HAVE EVIDENCES SHOWING THERE ARE BEYOND-HARMFUL OPERATIONS TAKING PLACE AT THIS SITE AND THE ABOVE LIST WHO TECHNICALLY HELP IAEA COULD BE CONSIDERED A PARTNER IN CRIME SHOULD AN ACCIDENT HAPPEN THERE . IN SUCH CASE , MANY PEOPLE WOULD LIKE TO AT LEAST ASK SOME QUESTIONS AND PARASTOO WILL PUBLISH WHEREABOUTS OF EVERY SINGLE ONE OF THESE INDIVIDUALS ALONGSIDE WITH BITS OF HELPFUL PERSONAL AND PROFESSIONAL DETAILS .

I am sure the IAEA is worried.  After all, the IAEA must have no idea what else is on that server.  Then again, I am not sure Parastoo does either. This is a really misguided attack.

Never mind that the IAEA has no authority to conduct such an investigation, the worst offense against common sense is that Parastoo is shaking down persons who have nothing to do with safeguards or nuclear weapons.

I read the list of emails and thought: “This is a funny sort of list.  I don’t know anyone on it.” I decided to start looking through what various persons on the list do and, as best I can tell, it is a list of people who work with the IAEA Atomic and Molecular Data Unit, which is supposed “to establish and maintain internationally recommended numerical databases on atomic and molecular collision and radiative processes, atomic and molecular structure characteristics, particle-solid surface interaction processes and physico-chemical and thermo-mechanical material properties for use in fusion energy research and other plasma science and technology applications.”

In other words, these poor souls don’t have crap to do with safeguards, nuclear weapons or Israel. The IAEA has two missions: “Maximizing the contribution of nuclear technology to the world while verifying its peaceful use.”  These are technical people in the former category who help create databases of basic physical information that would be useful to countries like, oh, I don’t know, Iran.  It makes absolutely no sense to threaten, for example, a Chinese guy who builds databases over Israel’s nuclear weapons program. You might as well send a nasty note to the International Bureau of Weights and Measures complaining that we don’t know how many kilograms of plutonium Israel possesses.

The group has apparently released another message, indicating that they’ve hacked the IAEA’s Nuclear Data Services.  Next thing your know, they’ll target IAEA efforts to eradicate the Mediterranean fruit fly. This information only released to open eyes of IAEA and independent media to real threat to the Mediterranean, not the fruit fly, but Israel.

C’mon guys.  Hacking the IAEA and interfering with efforts to use nuclear energy for peaceful purposes doesn’t get us any closer to a world in which Israel signs the NPT.  If you care about a Middle East without nuclear weapons, the place to start is getting the Israeli and Iranian governments to attend a conference on a regional WMD-free zone.   It’s boring, tedious and incremental step, but ultimately a lot more productive than hacking into servers.

Comments

  1. Pirouz (History)

    The Iranians have held a world conference in Tehran where 120 nations have taken a position against nuclear weapons. How many official conferences have the Israelis held taking this position? None.

    • Anon (History)

      North Korea (represented by Kim Yong-nam) attended that conference with nary an objection, nuclear or otherwise, from anyone there. So why are you holding up another anti-progressive propaganda exercise as a sincere and genuine commitment?

  2. Captain Ned (History)

    Israel signing the NPT??

    It’ll happen about 5 minutes after the non-Israeli bits of the Middle East no longer have any population. Hope all you want, but it’s just never coming to pass.

  3. hass (History)

    Interfering with the peaceful uses of nuclear energy ? Like creating an extra-legal Nuclear Suppliers Group that arbitrarily restricts trade in nuclear technology in violation of the NPT’s guarantee of access to technology “to the fullest extent possible” and “without discrimination”? Like demanding that countries give up their right to enrichment, and characterizing the entire Article IV of the NPT as merely a loophole that needs closing? Give me a break. Who is really interferring with the peaceful uses of nuclear technology?

  4. anon2 (History)

    Good catch Jeffrey — effectively another hoax.

    Speaking of hoaxes, how about that AP article with the 2 uS normal distribution of nuclear power integrating into 50 KT.

    Does anyone here have any plausible way an undergraduate person could have messed up this fake chart, i.e. maybe the left hand scale is ergs, or milliwatts, or horsepower, or something?? And who would have purposefully done such an amateur job and why they would have passed it on AP?

    Maybe this was a high school science fair paper for the Intel competition of Iran?

    • arrigo (History)

      I wouldn’t call it a hoax, it is yet another signal that in the “cyber” war[1] of attrition the Iranians are rightly fed up of being addressed as the village idiots who get hacked by anyone and hisndog (Stuxnet, Flame, etc.).

      This is polite warning number two, number one was the Saudi Aramco hack and the objective of the warning is to point out that they are perfectly capable of hitting back.

      So far they have been far smarter than their enemies: in the Saudi Aramco case they have pointed out to all that petroleum production is something they can (and will) hit without needing the old technique of blocking the Strait of Hormuz, with this move they have seeded doubt in the minds of those collaborating with IAEA.

      It is a subtle move: hit a machine which any IT techie will tell you is non-operational, non-critical, old, bla-bla-bla, remind people that what they write and what they do might come back to haunt them later. So, if you are the IAEA equivalent of the analyst providing known-rubbish “proof” to the Coalition of the Willing about mobile chemical labs, you are now wondering whether your name is out or might be out.

      Seeding doubt about the security capabilities of IAEA’s IT department to the world is much smarter than advertising a centrifuge-busting virus which might or might not have worked and for which there is no independent proof it ever did its job.

      The amateurish-looking hack is not representative of capabilities but, if you will, an addendum to the warning: we don’t need no stinking Stuxnet to make you worry and we know PR after Iraq’s WMDs is not something you can ignore.

      [1] I personally hate the fashionable cyber-anything and Cyber Perl Harbour rubbish, what we are seeing is just an extension of warfare, overt and covert, to other means. Just because it is esoteric to you does not mean it is conceptually different.

  5. Mam Dali (History)

    Jeffrey, I wish you had shown as much indignation on the murder of Iranians scientists as you do here. Just to obviate my point, take your article and, verbatim, replace ‘Israel’ with ‘Iran’, ‘hacking’ with ‘murder’, and ‘sign the npt’ with ‘stop enrichment’. Perhaps that might give you a better idea of the bias of this recent post of yours.

    • Jeffrey (History)

      Ah, well that’s a fair point actually. The campaign to murder scientists is of questionable moral content and, if Western agencies are behind it, limited strategic vision.

      Having said that — and I should post something on the topic — threatening scientists who happen to participate in IAEA-funded efforts on the peaceful use of nuclear technology is also immoral and misguided. One action does not excuse the other, just as Israel’s nuclear weapons program does not excuse Iran’s failure to abide by its nonproliferation obligations.

      One of the things I despise about any discussion of strategic issues in the Middle East is the willingness of too many participants to excuse one barbaric action on the basis of some previous barbaric action.

      An eye for an eye leaves the whole world nuclear armed, or something like that. (Does the pope shit in the woods?)

    • Arrigo (History)

      Jeffrey, I respectfully disagree. They are threatening the scientists but in reality they are threatening something further down: they are threatening the concept that what confidentially you do or say at the IAEA remains confidential. They are making sure that you will think twice before doing a “mobile biochem lab” just to appease nation X because it might come back to haunt you.