Documentary - Zero Days


The cyber warfare documentary by Alex Gibney is coming to Showtime in the US this weekend...

Written and directed by Alex Gibney (Academy Award®-winning Taxi to the Dark Side, Going Clear: Scientology and the Prison of Belief), ZERO DAYS is a documentary thriller about warfare in a world without rules – the world of cyber war. The film tells the story of Stuxnet, a self-replicating computer malware that the U.S. and Israel unleashed to destroy a key part of an Iranian nuclear facility, and which ultimately spread beyond its intended target. It’s the most comprehensive accounting to date of how a clandestine mission hatched by two allies with clashing agendas opened forever the Pandora’s Box of cyber warfare. ZERO DAYS is produced by Gibney’s Jigsaw Productions and Global Produce’s Marc Shmuger, and executive produced by Jeff Skoll and Diane Weyermann of Participant Media and Sarah Dowland. 


Here's what the man himself, Alex Gibney, had to say about the film, and the investigation, when it was on festival release earlier this year.

"What do you do when your government launches a global war and keeps it a secret? That’s the question that haunted me when making Zero Days, a film about the spectre of a new generation of classified cyber weapons.

"I started out making a small film investigating “Stuxnet,” the self-replicating computer virus invented by the US and Israel to infiltrate and sabotage the Iranian nuclear centrifuges at Natanz. What I discovered was a massive clandestine operation involving the CIA, the NSA, the US military and Israel’s intelligence agency Mossad to build and launch secret cyber “bombs” that could plunge the world into a devastating series of criss-crossing attacks on critical infrastructure, shutting down electricity, poisoning water supplies and turning cars, trains and planes into deadly weapons. Even more terrifying, this science fiction scenario, possibly resulting in the loss of millions of lives, could happen without anyone – including our own government – knowing who is responsible.

"In the words of David Byrne, 'You may ask yourself: How did we get here?' When I started, I knew that the Stuxnet worm (a self-replicating virus) had spread all over the world. The secrecy of the operation was blown. But every US official I asked about the operation either refused to talk about it or even admit that it happened.

"Everyone justified their silence with claims of national security. As Michael Hayden, former head of the CIA and the NSA, told me, a covert operation 'automatically goes into the do-not-talk-about-it box.'

"But Stuxnet wasn’t just another covert op. It represented a fundamental change in the threat landscape. For the first time in history, a computer virus crossed the threshold from the virtual reality of 1s and 0s to the physical world. Stuxnet took control of machines and commanded them to destroy themselves. Then the code leaked all over the world so that it could be re-purposed by other nations, criminals and terrorists. Keeping that secret was like saying, after Hiroshima, 'what bomb?' And it reached the height of absurdity when I learned that the Department of Homeland Security triggered a high alert to protect the US from Stuxnet, since the NSA never let the other branches of government know that the weapon we launched was now attacking the homeland. We had met the enemy and it was us.


"Since government officials were trying to hide the dangers they had caused, my team and I reached out to others. We first contacted the cyber detectives, Liam O’Murchu and Eric Chien, from the anti-virus company Symantec, who were the first ones to discover the purpose of Stuxnet. They took apart the weapon for us so that we could understand both its delivery system and payload.

"Then we travelled to Moscow – the capital of cyber crime and headquarters for Russia’s cyber weapons units – and to Israel, the key partner for the US in the development of Stuxnet. What we discovered in Tel Aviv and Jerusalem, by talking to politicians, journalists and – on background – agents for Israel’s intelligence agency, Mossad, was that “Stuxnet” was not a technical computer story at all. Rather, it was part of a much larger operation which involved the Mossad, the CIA, the US military unit, Cyber Command, and included covert operations – sometimes directed at American companies, like Microsoft - the assassination of Iranian scientists, and weapons of cyber mass destruction that made “Stuxnet” look like a computer game.

"Armed with this level of detail, we returned to the United States and were able to persuade some people inside the NSA and the CIA to talk to us provided we kept their identities a secret. By now, it’s well known that the Obama Administration has prosecuted more whistle-blowers than all previous administrations combined. So we had to take careful precautions to protect our sources.

"We recorded interviews on audio recorders with no wifi capability, transcribed them on electric typewriters and then destroyed the data cards. We used a system of codes to identify the sources and then integrated their testimony in a “script” that was factually accurate but which masked phrases that could lead investigators to identify our witnesses. Then we used a system called “Depthkit,” to photograph our “essential source” via a 3-D video capture device that allowed us to break down a human face into separate fields of flesh, dots and lines. In final post, we recombined those elements with new computer tilts and pans to portray a cyber whistle-blower whose “hacked” look harmonised with the film’s animation of the actual Stuxnet code.

(Note: in the code animation sequences we only used excerpts of the Stuxnet code, which would not allow anyone reconstitute the weapon. That said, our co-producer, Javier Botero, didn’t have much difficulty obtaining the entire code, something that makes the government secrecy about it all the more absurd.)

"Our whistle-blowers were able to give us an entirely new perspective on the Stuxnet operation, known inside the government as “Olympic Games,” and the new world of cyber weapons.

 "Among the key elements of information in Zero Days that have been revealed in the popular media for the first time are:

1) The US, as a matter of policy, has not dedicated sufficient resources to cyber defence. Instead, it is focusing on cyber offence, and hoping that the threat of counterattack will prevent our enemies from launching cyber weapons against us. So far, that strategy has failed. Russia, China, Iran and North Korea have all launched limited cyber attacks against us and likely hidden thousands of backdoors to computer networks that have the potential of damaging key portions of our critical infrastructure: power grids, water filtration plants, transportation systems, heat, air conditioning, etc.

2) While “Olympic Games” was a joint operation between the US and Israel, each country had the ability to modify and deploy the OG cyber weapons in ways they wished. This caused animosity and tension, when the Mossad – pressured by an impatient Bibi Netanyahu – launched, without consultation with the US, a virulent version of the virus that spread all over the world. This raises very difficult questions about the nature of our relationship with Israel.

3) Following “Olympic Games,” the NSA developed far more powerful cyber weapons. One operation involving those weapons, named “Nitro Zeus” (disclosed for the first time in “Zero Days”) had the capacity to jam all of Iran’s air defences and to shut down many of the key power grids in Iran. As one of our sources told us, “the science fiction cyber war scenario is here.”

4) Department of Defence officials in US Cyber Command showed a remarkable lack of sophistication or concern about the amount of destruction that these weapons could cause. As one source noted, when key power plants are shut down, they don’t just “pop back up. It’s more like Humpty Dumpty…lots of people die.” In discussing targets in Iran, State Department lawyers objected to the fact that US cyber attacks would shut down hospitals causing large numbers of fatalities. The Department of Defence overruled those objections.

5) “Olympic Games” was a CIA-led operation. For every attack, an officer from the CIA had to stand behind NSA computer operators and give them attack commands.

6) When Iran, in retaliation for Stuxnet, launched a cyber attack on US banks, the US government was aware that the attacks were coming from Iran but did not counterattack because the the computers controlling the “botnet” (a network of private computers infected with malicious software) was in another country and the US State Department was concerned that a US attack might involve a friendly nation in a growing cyber conflict. This highlights one of the dilemmas of cyber war: attribution is very difficult, raising the spectre of “false flags” and mistaken counterattacks that could lead to a cyber world war.

7) The “Stuxnet” virus was autonomous. No operator commanded it to attack. Once Stuxnet found its target inside Natanz, it was programmed to launch its attack on its own, without human intervention. An increasing number of cyber weapons share this characteristic.

8) The secrecy over offensive cyberweapons and their capability is not only impeding democratic debate but also making us less safe. Indeed, our sources came forward because they believe that secrecy itself is putting us all at enormous, possibly existential, risk.

9) The revelation of “Nitro Zeus” sheds new light on the Obama Administration’s deal with Iran on nuclear weapons. While many critics have suggested that Obama was negotiating from a position of weakness, it is likely – given “Nitro Zeus” – that he was negotiating from a position of strength, knowing that the US could virtually shut down the entire country in the event that Iran cheated on the deal.

10) Our sources have confirmed that, since the launch of Stuxnet, offensive cyber operations – conducted by nation states – are an every day occurrence. (O’Muchu and Chien from Symantec have confirmed that the number of nation state attacks have increased exponentially in the last few years.) Government secrecy and the inability of the media to report on this story is the only reason we don’t know more about cyberweapons. They are being launched – by and against us - every day."

Zero Days premieres on Showtime at 9pm EST on Saturday November 5th. It will be available for digital streaming the next day.



Images - Magnolia Pictures