German Cyber-Security Expert: Stuxnet’s Target, Natanz Reactor
Might Stuxnet have been the preemptive first strike in Israel’s campaign against Iran’s nuclear program?
My post yesterday about Stuxnet noted that cybersecurity experts who analyzed the massive computer worm, which heavily infected computers in Iran, speculated that the likely target was the Bushehr reactor. But there are several reasons pointing away from Bushehr and towards Natanz as the more likely target. It is Natanz which is using centrifuges to enrich uranium, which could potentially be used to create a nuclear weapon. The centrifuge enrichment process requires precise timing of industrial processes, which could easily be disrupted by a worm taking over the factory controls.
Wired reports on this aspect of the story:
Frank Rieger, chief technology officer at Berlin-based security firm GSMK, thinks the more likely target in Iran was a nuclear facility in Natanz. The Bushehr reactor is designed to develop non-weapons-grade atomic energy, while the Natanz facility, a centrifuge plant, is designed to enrich uranium and presents a greater risk for producing nuclear weapons. Rieger backs this claim with a number of seeming coincidences.
The Stuxnet malware appears to have begun infecting systems in January 2009. In July of that year…WikiLeaks posted an announcement saying that an anonymous source had disclosed that a “serious” nuclear incident had recently occurred at Natanz… The site decided to publish the tip after news agencies began reporting that the head of Iran’s atomic energy organization had abruptly resigned for unknown reasons after 12 years on the job.
There’s speculation his resignation may have been due to the controversial 2009 presidential elections in Iran that sparked public protests — the head of the atomic agency had also once been deputy to the losing presidential candidate. But information published by the Federation of American Scientists in the U.S. indicates that something may indeed have occurred to Iran’s nuclear program. Statistics from 2009 show that the number of enriched centrifuges operational in Iran mysteriously declined from about 4,700 to about 3,900 beginning around the time the nuclear incident WikiLeaks mentioned would have occurred.
The same German security expert attempts to explain why computers outside the target country were infected as well, noting that the Russian contractor building Bushehr had lax security and that the worm could have spread both to its Iranian clients and to clients in other countries, such as India and Pakistan. Though it’s true that the Russian contractor was working only on Bushehr and not Natanz, it’s entirely possible that the worm infected a computer at Bushehr and was then transferred to the Natanz system.
A correction to a point I made yesterday: two digital certificates were used as part of the attack, but they weren’t forged as I reported. They were actually legitimate certificates stolen from two Taiwanese companies, a theft which likely required a physical presence in Taiwan. Again, this could easily have involved the Mossad or even Chinese intelligence (though that takes us in an entirely different direction).
7 thoughts on “German Cyber-Security Expert: Stuxnet’s Target, Natanz Reactor – Tikun Olam תיקון עולם إصلاح العالم”
Good post. Many years ago Patrick Clawson of the WINEP advocated exactly the same type of operations against the Natanz facility. He claimed that if the centrifuges that are spinning with gaseous hexafluoride are damaged, it will not hurt the civilians, utter nonsense.
Now, if only we could introduce the equivalent of this computer virus into the Palestinian/Israeli conflict.
Shutting that down might well be worth all the time and the effort.
Stuxnet? That’s for the small stuff.
We do have bigger fish to fry.
Not to be an ass, are you aware of the “Website” editbox? I’ve noticed you manually add a link to your blog in every single one of your comments.
As for Stuxnet – There’s more speculation than facts. It’s very interesting nonetheless.
I don’t like such blatant self promotion either. Thanks for bringing this up. John, use the URL field to link to your site, not the comment box.
Thanks, Shai and Richard for the advice on the website box/URL field. I hadn’t realised that option was available. No more ‘blatant self-promotion.’
I’d like to pose a question.
Given commonly held expectations, how would you evaluate the Israel – Palestinian situation as it might appear ten years from now?
Settled, still in dispute, marginally better or worse than ever?
Today, after sixty years and more of trial and error, that choice, most likely, would still be the last one; the ongoing efforts of Messrs. Obama, Clinton, Mitchell, Abbas, Netanyahu notwithstanding.
Why should this be so?
Sixty years is a long time and yet the dispute seems as firmly entrenched as ever. Either the bulk of a multitude of discussions, meetings, summits and all attempts to rectify the matter have counted for nothing or the subject has become so complex, so out of control that it defies all logic and reasoned argument to remedy it.
Our options may have become too limited by the inherent nature of the conflict; its deadlocked protagonists, its tragic history, its uncertain future.
What is needed now is a specific direction, some clear path to follow. If this is not forthcoming, then, in ten years’ time, it may very well be too late to salvage anything. Or anybody.
‘Pull if it does not work when you push.’ Japanese proverb.
If a “Cyber-war” in “stuxnet-style” worked that well, why is the “real-war” against Iran still necessary and in discussion?
Because the Iranians will only ever be a few steps behind in the Virtual War.
Israel wishes Iran (and any other group that opposes it in any way) to be several centuries behind in development.
The real attack IS coming, you just have to be a little more patient.
The ‘phoney war’ has already begun, in the form of multiple sanctions, and like with Iraq, the list of victims will envelop the innocent and stretch on for a decade.