israeli Computer virus in Iran actually targeted larger nuclear facility

New analysis, based on the characteristic behavior of the Stuxnet worm, contradicts earlier assessments that the target was the nuclear reactor at Bushehr. Iranian spokesmen, led by the director of the Bushehr facility, had confirmed that Bushehr's computers were infected by the virus.

Experts on Iran and computer security specialists yesterday voiced a growing conviction that the worm that has infected Iranian nuclear computers was meant to sabotage the uranium enrichment facility at Natanz - where the centrifuge operational capacity has dropped over the past year by 30 percent.

The new analysis, based on the characteristic behavior of the Stuxnet worm, contradicts earlier assessments that the target was the nuclear reactor at Bushehr. Iranian spokesmen, led by the director of the Bushehr facility, had confirmed that Bushehr's computers were infected by the virus. But the director added that while senior staffers' computers were affected, the damage to the reactor's functioning was very limited and would not delay its launch, set for next month.

The Bushehr reactor, however, is considered less of a security threat than Natanz by the intelligence communities in both Israel and the United States. Because intelligence analysts believe Iran would have enough material for at least two nuclear bombs if it enriched the uranium held at Natanz from 3.5 percent to 90 percent, every scenario for an Israeli or American attack on Iran's nuclear facilities has put Natanz high on the list of potential targets.

There have been reports in the past of other alleged efforts by Israel and the West to undermine the Iranian nuclear project, some of which also targeted Natanz. These efforts included infiltrating the purchasing networks Iran set up to acquire parts and material for the centrifuges at Natanz and selling damaged equipment to the Iranians. The equipment would then be installed on site and sabotage the centrifuges' work.

The centrifuge - a drum with rotors, an air pump, valves and pressure gauges - is an extremely sensitive system. Generally, 164 centrifuges are linked into a cascade, and several cascades are then linked together. But the centrifuges need to operate in complete coordination to turn the uranium fluoride (UF6 ) they are fed into enriched uranium. Their sensitivity makes them particularly vulnerable to attacks, since damage to a single centrifuge can create a chain reaction that undermines the work of one or more entire cascades.

The International Atomic Energy Agency, whose inspectors regularly visit Natanz, has reported that of the more than 9,000 centrifuges installed on the site, less than 6,000 are operational. The agency did not provide an explanation of this 30 percent drop in capacity compared to a year ago, but experts speculated that the centrifuges were damaged by flawed equipment sold by Western intelligence agencies through straw companies.

The recent revelations about the Stuxnet worm might provide new insights into the problems encountered by the enrichment facility. German computer expert Frank Rieger wrote in Frankfurter Allgemeine Zeitung on Sunday that Wikileaks, a website specializing in information leaked from government agencies, reported in June on a mysterious accident at Natanz that paralyzed part of the facility. Rieger now thinks the Wikileaks report was connected to the Stuxnet worm. He noted that whoever developed the virus refined its programming to allow it to damage small, sensitive components like regulators, valves and pressure gauges, all of which are found in centrifuges.

The New York Times wrote yesterday that the worm was not particularly successful, as it has also spread to other countries, like India, Indonesia and the U.S. It then contradicted itself by saying that the architects of the virus may not have cared how far the worm spread so long as its prime objective, damaging Iran, was achieved.

The prevailing assessment over the past few days has been that Stuxnet was developed by a highly capable intelligence organization, with Israel's Military Intelligence Unit 8200 and the Mossad being named as suspects.

The alleged breakdown at Natanz last year coincides with the Israeli cabinet's decision to extend the tenure of Mossad chief Meir Dagan. The decision was explained at the time by Prime Minister Benjamin Netanyahu's satisfaction with Dagan's work.

But it should be noted that even if a foreign intelligence agency did manage to partially sabotage the centrifuges, Iran can make do with the centrifuges it has already to continue enriching the uranium in its possession - which is precisely what Tehran is doing now.

http://www.haaretz.com/print-edition/news/computer-virus-in-iran-actually-targeted-larger-nuclear-facility-1.316052