@BroderJonathan
ON AUGUST 15, 2012, a mysterious self-replicating virus struck Saudi Aramco, the world’s largest oil company. The cyberattack wiped out every piece of software and every line of code on as many as 30,000 company computers, along with terabytes of data. Four months later, another unidentified virus targeted Bank of America, Wells Fargo and a dozen other major U.S. banks, repeatedly shutting down their online services. Experts said the technical sophistication of the two attacks strongly suggested the work of a foreign government. But with no obvious return address, President Barack Obama didn’t respond, leaving the private sector to deal with the damage.
Secretly, however, Obama and his top aides knew who did it and why. It was Iran, they concluded, retaliating for a covert U.S.-Israeli cyberoffensive that used the now-infamous Stuxnet virus to destroy more than 1,000 centrifuges at Natanz, then the center of Iran’s nuclear program. “White House officials knew the Iranians had sent them a message, saying: ‘Stop attacking us in cyberspace the way you did at Natanz with Stuxnet,’” says Richard Clarke, the White House special adviser on cybersecurity at the time. “‘We can do it too.’”