A U.S. cyber war against Iran’s nuclear program may have only just begun and could escalate with explosions triggered by digital sabotage, experts told AFP on Friday.
Although the Iranian regime remains vulnerable to more cyber attacks in the aftermath of the Stuxnet worm that disrupted its uranium enrichment work, Tehran may be receiving help from Russian proxies for its digital security, some analysts said.
According to David Albright, president of the Institute for Science and International Security, the Islamic Republic’s nuclear program is “really not that well protected” from more digital assaults and Iran will be hard-pressed to safeguard its uranium enrichment efforts from tainted software.
“With Stuxnet, they lost about a year. And it caused a lot of confusion. They really didn’t know what hit them,” Albright told AFP. “It looks like a viable way to disrupt their program.”
The United States, which reportedly masterminded the Stuxnet operation along with Israel, has every incentive to press ahead with a cyber campaign to undermine Iran’s atomic ambitions, according to analysts.
The next cyber attack, possibly in combination with more traditional spycraft, could shut off valves or issue incorrect orders that might cause an explosion at a sensitive site.
“I think that it could get more violent,” Albright told AFP. “I would expect more facilities to blow up.”
“There is of course the possibility of sending in a team to modify a system in a way that would make it vulnerable, and then use a cyber weapon at a later date as a trigger event,” said David Lindahl, research engineer at the Swedish Defense Research Agency.
A new wave of cyber attacks could involve inserting hardware with infected chips into the industrial process, possibly through an agent or a duped employee, or penetrating diagnostic software used to gauge uranium enrichment or other work, Lindahl told AFP.
Some cyber security experts suspect Russian proxies could be assisting Iran with its digital defenses, and possibly helped Tehran trace the origins of Stuxnet.
“The part that we probably miscalculated on in Stuxnet was the (possible) assistance of the Russians in attribution,” James Lewis, senior fellow at the Center for Strategic and International Studies, told AFP.
“The Iranians never would have figured this out on their own,” he added.
The elaborate Stuxnet malware, which was reportedly introduced using a thumb drive, contained malicious code that caused centrifuges used to enrich uranium to spin out of control. The worm, meanwhile, sent back signals to operators indicating the centrifuges were operating normally.
After the malware was discovered in 2010, at least a thousand centrifuges had to be removed and analysts estimate Tehran’s program was set back by at least a year.
AFP noted that U.S. officials clearly view the risks associated with digital strikes as dwarfed by the dangers of an all-out war with Iran.
Bombing raids are “more likely to explode the region and certainly could lead to a conflict with Iran, and that would be very messy,” said Lewis. “Cyber is much cleaner.”
Another sophisticated computer virus, Flame, struck Iranian computer systems in May. The virus collected critical intelligence in preparation for cyber-sabotage attacks aimed at slowing Iran’s ability to develop a nuclear weapon.
Iran admitted that its oil industry was briefly affected by Flame, but claimed that Iranian experts had detected and defeated the virus.
Security researchers later said that they found a direct link between the Stuxnet worm and Flame, indicating that the teams behind the two programs collaborated. Western officials claimed that the U.S. and Israel jointly developed Flame.