While lawmakers work themselves
up into a tizzy that the White House might be leaking
classified information to make President Barack Obama look good
(and wouldn’t it just be the living end if true, given Obama’s
habit of
prosecuting leakers?), Sen. John Kerry asks whether it’s
appropriate for the media to actually let the public know what’s
going on.
Via Politico:

Sen. John Kerry on Wednesday questioned whether The New York
Times should have
published explosive stories last week about President Obama
ordering cyberattacks against Iran’s nuclear
program.  

“I personally think there is a serious question whether or not
that served our interest and whether the public had to know,”
Kerry, the Foreign Relations Committee chairman, told reporters.
“To me it was such a nitty-gritty fundamental national security
issue. And I don’t see how the public interest is well served by
it. I do see how other interests outside the United States are well
served by it.” …

Earlier, Kerry said he was “disturbed” by the leaking of
classified information cited in the Times story, saying it
endangers U.S. national security and “begs retaliation” from
America’s enemies. The chairman said he couldn’t understand how an
American citizen could leak classified information that could
potentially put the country at risk.

It’s not the act itself that “begs retaliation,” you see, it’s
the reporting of it. The fact that there could be blowback for
targeting a foreign nation’s nuclear program with a computer virus
doesn’t mean you possibly shouldn’t do it. It means you should make
sure you don’t tell your own public. After all, how would Iran ever
conclude that the United States and Israel could be working
together to design a virus to shut down their nuclear ambitions?
Anybody could be the culprit! Anybody at all! They would never have
figured it out had The New York Times kept their big traps
shut.

Or, perhaps, they might have gotten a clue from
this 2010 story from The Guardian that suggests Israel
was responsible for it and that Stuxnet was pretty obviously
designed to target Iran. Or maybe
this story from Forbes.com from 2010 that talks about the
suspicions and various theories that the United States and Israel
were the sources of the virus.  Or perhaps this lengthy
Vanity Fair
investigative report from from last year that says, “[T]here is
vanishingly little doubt that the United States played a role in
creating the worm.” The fact is, The New York Times story
merely revealed the truth that anybody who followed computer
security news already suspected, and Iran doesn’t seem like the
kind of nation that needs a metaphorical smoking gun before casting
blame.

More to the point, launching the virus itself could ultimately
give Iran (or others, because Stuxnet, like every other government
venture, immediately got out of hand and ended up in places where
it wasn’t meant to be) the tools to bring about that blowback Kerry
is so worried about.  Via
The Christian Science Monitor:

Although Stuxnet is estimated to have eventually destroyed as
many as 1,000 high-speed Iranian gas centrifuges designed to enrich
uranium, its importance was far larger than that, [German
cybersecurity expert Ralph] Langner warned. It demonstrated that a
cyberweapon could physically destroy critical infrastructure, and
that process could also work in reverse. 

“One important difference between a cyber offensive weapon and
some kind of advanced bomb, for example, is that when the bomb
blows up you can’t examine or reverse-engineer it,” says Joel
Brenner, a former national counterintelligence executive in the
Office of the Director of National Intelligence.

“Once you find the malware, on the other hand, once you find the
code, you can see how it was done,” he says. “So we are going to
see more operations of this kind – and the US’s critical
infrastructure is undoubtedly going to be targeted. I still don’t
think that the owners and operators of most of that infrastructure
understand the gravity of this threat.”

The possibility that Stuxnet could come back to haunt us does
seem to meet a certain “need to know” threshold. The New York
Times Managing Editor Dean Baquet responded to Kerry via

Politico:

“Our job is to report issues in the public interest, and this
piece certainly meets that standard,” Dean Baquet, the
Times managing editor, said in a statement to POLITICO.
“As always with sensitive stories, we described the piece to the
government before publication. No one suggested we not publish.
There was a request to omit some highly technical details. We
complied with the request after concluding it was not a significant
part of the piece.”

 Well, that ought to add more ammo to those who believe the
White House is actually causing the leaks.