Operation Olympic Games was a covert and still unacknowledged campaign of sabotage by means of cyber disruption, directed at Iranian nuclear facilities likely by the United States and Israel. As reported, it is one of the first known uses of offensive cyber weapons. Started under the administration of George W. Bush in 2006, Olympic Games was accelerated under President Obama, who heeded Bush's advice to continue cyber attacks on the Iranian nuclear facility at Natanz. Bush believed that the strategy was the only way to prevent an Israeli conventional strike on Iranian nuclear facilities.
During Bush's second term, General James Cartwright, then head of United States Strategic Command, along with other intelligence officials presented Bush with sophisticated code that would act as an offensive cyber weapon. "The goal was to gain access to the Natanz plant's industrial computer controls ... the computer code would invade the specialized computers that command the centrifuges." Collaboration happened with Israel's SIGINT intelligence service, Unit 8200. Israel's involvement was important to the United States because the former had "deep intelligence about operations at Natanz that would be vital to making the cyber attack a success." Additionally, American officials wanted to "dissuade the Israelis from carrying out their own preemptive strike against Iranian nuclear facilities." To prevent a conventional strike, Israel had to be deeply involved in Operation Olympic Games. The computer virus created by the two countries became known as "the bug," and Stuxnet by the IT community once it became public. The malicious software temporarily halted approximately 1,000 of the 5,000 centrifuges from spinning at Natanz.
A programming error in "the bug" caused it to spread to computers outside of Natanz. When an engineer "left Natanz and connected [his] computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed." The code replicated on the Internet and was subsequently exposed for public dissemination. IT security firms Symantec and Kaspersky Lab have since examined Stuxnet. It is unclear whether the United States or Israel introduced the programming error.
According to the Atlantic Monthly, Operation Olympic Games is "probably the most significant covert manipulation of the electromagnetic spectrum since World War II, when Polish cryptanalysts broke the Enigma cipher that allowed access to Nazi codes." The New Yorker claims Operation Olympic Games is "the first formal offensive act of pure cyber sabotage by the United States against another country, if you do not count electronic penetrations that have preceded conventional military attacks, such as that of Iraq's military computers before the 2003 invasion of Iraq." Therefore, "American and Israeli official action can stand as justification for others."
In June 2013, it was reported that Cartwright was the target of a year-long investigation by the US Department of Justice into the leak of classified information about the operation to the US media. In March 2015, it was reported that the investigation had stalled amid concerns that necessary evidence for prosecution was too sensitive to reveal in court.
Referring to unnamed sources within the CIA and NSA, the documentary film Zero Days claims that the Stuxnet/Olympic Games malware was just a small part of a much larger mission to infiltrate and compromise Iran—"Nitro Zeus" (NZ).
- Sanger, David E. (1 June 2012). "Obama Order Sped Up Wave of Cyberattacks Against Iran". The New York Times (New York ed.). WASHINGTON. p. 1. eISSN 1553-8095. ISSN 0362-4331. LCCN sn00061556. OCLC 1645522. Archived from the original on 25 March 2022. Retrieved 30 March 2022.
President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons
- Kamiński, Mariusz Antoni (25 June 2020). "Operation "Olympic Games." Cyber-sabotage as a tool of American intelligence aimed at counteracting the development of Iran's nuclear programme". Security and Defence Quarterly. National Defence University of Warsaw. 29 (2): 63–71. doi:10.35467/sdq/121974. eISSN 2544-994X. ISSN 2300-8741. LCCN 2015212407. OCLC 1112982546.
[...] the operation of the Stuxnet virus caused the destruction of around 1,000 centrifuges at the Natanz site, which could have delayed Iran's nuclear programme by about 1 year.
- Rejewski, Marian (July 1981). "How Polish Mathematicians Broke the Enigma Cipher". IEEE Annals of the History of Computing. Institute of Electrical and Electronics Engineers. 3 (3): 213–234. doi:10.1109/MAHC.1981.10033. eISSN 1934-1547. ISSN 1058-6180. LCCN 92650021. OCLC 44452888.
- Ambinder, Marc (5 June 2012). "Did America's Cyber Attack on Iran Make Us More Vulnerable?". U.S. The Atlantic. eISSN 2151-9463. ISSN 1072-7825. LCCN 93642583. OCLC 936540106. Retrieved 30 March 2022.
America's attack -- which, Sanger reports, the government nicknamed "Olympic Games" -- is probably the most significant covert manipulation of the electromagnetic spectrum since World War II, when cryptanalysts broke the Enigma cipher that allowed access to Nazi codes.
- Coll, Steve (6 June 2012). "The Rewards (and Risks) of Cyber War". Daily Comment. The New Yorker. ISSN 0028-792X. LCCN 28005329. OCLC 909782404. Archived from the original on 14 November 2021. Retrieved 30 March 2022.
"Olympic Games" seems to be, so far as is known, the first formal offensive act of pure cyber sabotage by the United States against another country [...]
- Nakashima, Ellen; Miller, Greg; Tate, Julie; Warrick, Joby (19 June 2012). "U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say". National Security. The Washington Post. ISSN 0190-8286. OCLC 2269358. Archived from the original on 22 March 2022. Retrieved 1 March 2022.
This is about preparing the battlefield for another type of covert action," said one former high-ranking U.S. intelligence official, who added that Flame and Stuxnet were elements of a broader assault that continues today. "Cyber-collection against the Iranian program is way further down the road than this.
- "Reports: Retired General Target Of Leaks Probe". Here & Now. WBUR-FM. Associated Press. 28 June 2013. Archived from the original on 11 July 2021. Retrieved 30 March 2022.
A former vice chairman of the Joint Chiefs of Staff is under investigation for allegedly leaking classified information about a covert cyberattack on Iran's nuclear facilities, according to media reports. [...] Retired Marine Gen. James "Hoss" Cartwright has been told he is a target of the probe, NBC News and The Washington Post reported Thursday
- Nakashima, Ellen; Goldman, Adam; Horwitz, Sari (10 March 2015). "Leak investigation stalls amid fears of confirming U.S.-Israel operation". National Security. The Washington Post. ISSN 0190-8286. OCLC 2269358. Archived from the original on 28 January 2021. Retrieved 31 March 2022.
A sensitive leak investigation of a former vice chairman of the Joint Chiefs of Staff has stalled amid concerns that a prosecution in federal court could force the government to confirm a joint U.S.-Israeli covert operation targeting Iran, according to current and former U.S. officials.