Here’s how Israel hacked Iran’s nuclear facility

New centrifuges at Iran’s Natanz reactor were targeted in an Israeli cyberattack.

Iran's foreign minister on Monday indicated that Israel is the culprit behind a weekend blackout at a central Iranian nuclear facility. The New York Times reported that Israel played a part in the attack, and an Israeli media outlet reported that it was the result of a cyberattack carried out by Mossad, Israel's spy agency.

The new Natanz reactor site suffered from an electrical outage, which the head of Iran’s civilian nuclear agency denounced as “nuclear terrorism.”

In July, an explosion at the Natanz facility was also described by Iran as sabotage.

For years, Israel has actively carried out a series of concerted assassinations, explosions and sabotage targeting Iran’s nuclear program and its scientists.

The suggestion that the attack was carried out by Mossad was first reported by Israeli media outlet Kan. Its source claims that the attack succeeded in causing “significant” damage to the centrifuges, which would delay Iran’s efforts at enriching uranium.

For Iran’s civilian nuclear agency chief, this was incredibly dangerous and could have resulted in a “catastrophic situation”.

He added that some of the older-generation centrifuges were damaged but would be replaced by newer ones.

Stuxnet

To get to the bottom of Israel’s cyberwarfare on Iran, we spoke to a computer science engineer who frequents open source intelligence groups. He has requested that he remain anonymous. 

“The Israelis have made hacking Iranians an art form,” he asserts, while referring to the strategic rationale driving Israel’s actions.

“If they can’t prevent Iran’s nuclear program, they can at least delay or hinder it.”

Social Standoff Weapon (SSW), his online moniker, warns that this could lead to another Chernobyl.

Enter Stuxnet - a revolutionary virus that was able to actually damage infrastructure, designed specifically for the Natanz facility in 2010. 

The virus was a game changer. Where previous viruses sought access or information, this one actively destroyed equipment while manipulating sensor results to indicate that everything was fine.

How did the Stuxnet virus attack Iranian centrifuges?

According to Social Standoff Weapon, by hacking the spin of its cylinder and ensuring it could never stop.

The cylinder, containing radioactive gas and material, already spins at a supersonic speed to enrich uranium.

Chernobyl

Targeting the cylinder is incredibly risky, says SSW.

“Iran's nuclear scientists were confused for years why a certain percentage of their centrifuges kept acting up,” he claims, warning that a centrifuge explosion would be devastating. 

“...With all that radioactive material. It explodes, and damages nearby centrifuges. You have highly radioactive power-plant grade waste all over the place. An explosion could cause a fire and spread the waste even further. The risks of a cascade, overheating or further damage to the facility only raise the risk it could turn into another Chernobyl,” he describes.

Israel wasn’t able to hack Iran’s nuclear infrastructure overnight. 

Multiple recorded instances of Stuxnet’s use on industrial infrastructure around the world can be found. 

In retrospect, SSW says these were hacks meant to gain access to crucial industrial components, such as Siemens equipment, which is used in centrifuges. Other tests included hacking into a German steel mill in 2014, and hacking hospital drug pumps.

Future versions of the virus became more contagious, able to spread through local networks and USBs.

How did they get in?

SSW thinks email phishing is likely responsible, where someone shared their password and username by accident. 

“You can call it Pandora’s box,” says Social Standoff Weapon. It’s a new form of modern warfare.  

While there were no casualties in the most recent attack that caused a power outage, it could have still resulted in a disaster. 

In an eerie parallel, the anonymous computer scientist reflects on how the Chernobyl meltdown also occurred because the reactor lost power.

As the shadow war between Israel and Iran only escalates, increasingly advanced cyberweapons are becoming less discriminating over who gets pulled into the crossfire.
