Israeli Cyber Attack May Have Sabotaged Iranian Nuclear Reactor
(Source: Lexington Institute; issued September 24, 2010)

(© Lexington Institute; reproduced by permission)
The Bushehr nuclear reactor, widely believed to be part of Iran's nuclear-weapons program, was supposed to power up in August. It didn't. One Iranian official blamed the weather. Now a more likely cause has emerged: the Stuxnet cyber worm discovered last June to have infected thousands of industrial control systems around the world.

At first, cyber experts didn't know what to make of the sophisticated package of malicious code, but now some are saying it looks like the world's first guided cyber bomb -- malware designed to infect and take down one particular system. And because Stuxnet infections were concentrated in and around Iran, experts are pointing at Israel as the most plausible author of the worm.

This is all laid out in a fascinating story by Christian Science Monitorreporter Mark Clayton that appeared on September 21. Based largely on the technical analyses of German cyber researcher Ralph Langer -- who briefed his findings to other experts this week in Rockville, Maryland -- Clayton sets forth a persuasive circumstantial case that the Stuxnet worm was designed to penetrate sensitive Iranian nuclear facilities and disrupt automated control processes in a manner that would severely damage their operations.

That isn't so hard to do in the case of a nuclear reactor like Bushehr, where the nuclear reaction must be moderated continuously to remain within safe parameters and a few well-timed malfunctions can cause heavy damage. The worm appears to penetrate Seimens industrial-control systems from USB memory sticks of the kind routinely used by engineers all over the world.

Although at least 45,000 control systems have been compromised by Stuxnet, reverse engineering of the worm by Langer and others points to the conclusion that it was designed with a specific target in mind. Microsoft released a geographical distribution of where Stuxnet was most prevalent in July, and by far the highest concentration was in Iran. That fact, plus the extreme sophistication of the malware, led U.S. cyber experts to conclude it must have been devised by a state-run or state-influenced organization with extensive resources.

Since Russia and China don't have an incentive to attack Iran and statements of the U.S. government indicate it was surprised by the appearance of the worm, Israel emerges as one of the very few candidates with both the motivation and the expertise to have launched the attack. Of course, Washington has been known to conduct disinformation campaigns as a way of covering its tracks in the past, but the Iranian nuclear program poses a much bigger threat to Israel, and U.S. policymakers would agonize over unleashing a new class of weapons potentially more injurious to America than other countries.

The Monitor story is based largely on speculation, but this is one conspiracy theory where all the known facts fit together quite neatly. So there is a real possibility that the kind of cyber war experts have long been fearing may now be upon us. The good news is that it looks like friends of America are in the lead in devising cutting-edge weapons for waging that war.

The bad news is that it looked the same way on the day America dropped an atomic bomb on Hiroshima, and today Washington is deeply worried about Iran and other rogue states obtaining the same weapons of mass destruction.

New technology seldom respects boundaries. (ends)
Iran: Computer Malware Attacked, Failed to Harm Nuclear Plant
(Source: Voice of America news; issued Sept. 26, 2010)
The head of Iran's Bushehr nuclear power plant has confirmed a computer worm infected some of the facility's software, but says the plant's main systems are all safe.

Bushehr Project Director Mahmoud Jahfari told state media an attack by the Stuxnet computer worm has had no impact on the operations of the nuclear power plant.

Jahfari said investigations showed that some private software belonging to Bushehr employees had been contaminated. He added that authorities are working to counter the attacks.

Iranian authorities had earlier acknowledged the worm has infected systems throughout the country, but said it had caused no serious damage.

Stuxnet, a self-replicating worm, has distinguished itself as the first known to be designed to take over industrial control systems. It is able to penetrate computer systems not connected to the internet.

The worm was detected earlier this year and has spread around the world. Iran is believed to be the most heavily affected, suffering an estimated 60 percent of the attacks.

The director of information technology at the Iranian Ministry of Industries and Mines, Mahmud Liai, told state media "an electronic war has been launched against Iran."

Several cyber experts point to the sophistication of the worm as an argument it might be the work of a state program, while political observers suggest the same, given that Iran has suffered disproportionately.

Political Science Professor Said Sadek of the American University in Cairo: "It is very clear there was an attempt to send a strong message to Iran and its nuclear program by informing the Iranian authorities that their program is not immune and that someone can enter and penetrate and destroy and sabotage the whole process," Sadek said.

Sadek says because of the secrecy of the Iranian government and its tendency to downplay negative developments, it is difficult to tell what the full impact of Stuxnet may be.

The Bushehr plant is not believed to play any significant role in what many Western nations believe is Iran's desire to build a nuclear weapon, a goal Tehran denies.


prev next

Breaking News from AFP See all

Press releases See all

Official reports See all