Tonight starts Purim, a Jewish holiday which celebrates the victory of Jewish people over the Ancient Persian King Ahasuerus’ Vizier Haman who received royal permission to kill the Jew. At the end of the story, Haman is defeated by the Jewish Queen Esther (the king didn’t know her faith until the end) and her Uncle Mordechai.  Purim is one of those “They Tried to Kill US, We Won, Lets Eat,” type of Jewish holidays.

What most people don’t realize, is that Queen Esther had a role in defeating modern-day Persia (Iran), or at least delaying their quest for a nuclear weapon by between one and two years, the weapon Esther used this time was called Stuxnet.

Stuxnet was malicious computer worm that, when it got into Iran’s computer systems, destroyed the rogue nation’s nuclear centrifuges.

The job of the centrifuge is to enrich uranium so it could be used for reactors and/or weapons. Stuxnet “took control” of the centrifuge and spun them of control so they burned out. This cyber-attack slowed down Iran’s march toward a nuclear weapon. The worm was so successful, that in 2011 both the United States and Israel pushed back their time-lines saying that Iran was a few years away from achieving nuclear weapons

While no country ever took credit for Stuxnet, there’s evidence that Israel was probably behind the computer worm…evidence of biblical proportions.
Computer Scientists who analyzed the Stuxnet virus found a file name that seemingly referred to the Biblical Queen Esther.

The first directory inside the virus is named “Myrtus.” The person/people who developed the virus might have simply been an amateur horticulturists and the use of Myrtus as the file name could have simply referred to the myrtle plant, which is indigenous to — and prevalent in — various Mediterranean, Middle Eastern and North African areas.

On the other hand the Hebrew word for myrtle (Hadas) is the root of the name Hadassah which which was Queen Esther’s name before she changed it to hide her faith. Given the constant Iranian threats against Israel, that use of Myrtus could obviously indicate a Jewish or Israeli involvement.

Since Iran is the modern day Persia (where the Purim Heroes Queen Esther and her uncle Mordecai lived), and the computer virus was meant to stop the destruction of millions of Jews in Israel, this may have been message from Israel, something used just to confuse, or maybe something put in the virus just to make the paranoid Iranians even more nervous. And there was a second hint of the viruses origin (keel reading).

Don’t look for Israel to ever confirm the story; they never comment on any defense action even the ones that they had been accused of but had nothing to do with.

There are many competing explanations for Myrtus, which could simply signify myrtle, a plant important to many cultures in the region. But many security experts saw the reference as a signature allusion to Esther, and a clear warning in what was a technological and psychological battle as Israel tried breach Tehran’s most heavily guarded project. Others doubt the Israelis were involved and say the word could have been inserted as deliberate misinformation, to implicate Israel. But that seems a long way to go to implicate the Jewish state, especially since many people know Queen Esther but few outside the Jewish faith know her original name.

In 2011 when Stuxnet was in the news the  New York Times reported the one former intelligence official who worked on Iran issues said at the time:

The Iranians are already paranoid about the fact that some of their scientists have defected and several of their secret nuclear sites have been revealed. Whatever the origin and purpose of Stuxnet, it ramps up the psychological pressure.

During a conference on the Stuxnet virus an Israeli cyber intelligence expert Nimrod Kozlovski, head of Altal Information Security suggested that the Myrtus reference was an accident. 

“The development and execution of Stuxnet is a stroke of genius no matter what country is behind it or what real damage was done to Iran,” said Kozlovski. “It is a landmark activity that opens the battlefield for global cyber warfare. But the word Myrtus appears by chance, not as a signature. Why would any designer, especially an Israeli, leave a signature with such a trace to Jewish history in ancient Persia? It is farfetched.”

Accident? Maybe not. Because the reference to Queen Esther is not the only Jewish connection to Stuxnet. According to a white paper on Stuxnet by Symantec :

“Export 16 [main installer] first checks that the configuration data is valid, after that it checks the value ‘NTVDM TRACE’ in the following registry key. If this value is equal to 19790509 the threat will exit,” the paper continues. “This is thought to be an infection marker or a ‘do not in­fect’ marker. If this is set correctly infection will not occur. The value appears to be a date of May 9, 1979.”

That date is a significant date in Iranian Jewish history.  On May 9, 1979  Iranian Jew, Habib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Jewish community. He was the first Jew and one of the first civilians to be executed by the new Islamic government.”

There is no way to definitively prove where the virus came from, US, Israel, or maybe some crazy hacker living in his mother’s basement. There are even reports that the virus may have come from Russia or China.

However, in 2013 American traitor Edward Snowden told German newspaper Der Spiegel that the NSA and Israel co-wrote Stuxnet.

Following that revelation, it was leaked that it was the U.S. and Israel behind Stuxnet. The program was put in motion by President Bush. Yes liberals this time you can say it, Bush did it! (we think… because neither country has confirmed the report).

The New York Times reported that Mr. Bush authorized a covert program to undermine the electrical and computer systems around Natanz, Iran’s major enrichment center. And that evolved into Stuxnet.  To his credit President Obama, first briefed on the program even before taking office, liked the program and sped it up, according to officials familiar with the administration’s Iran strategy.

Yossi Melman, who covers intelligence for the newspaper Haaretz and is at work on a book about Israeli intelligence over the past decade, said in a telephone interview with the NY Times that he suspected that Israel was involved.

He noted that Meir Dagan, head of Mossad, had his term extended last year partly because he was said to be involved in important projects.

He added that in the past year Israeli estimates of when Iran will have a nuclear weapon had been extended to 2014.

“They seem to know something, that they have more time than originally thought,” he said.

Wherever it came from, the use of the word Myrtus should remind us that any virus that slowed down Iran’s quest for nuclear weapons no matter what country it came from was replicating the events of Purim by defeating the evil out of Persia. And like Queen Esther whose real name was Hadassah, whoever created the Stuxnet computer worm was doing the work of God.