A Stuxnet Mutation Goes Underground to Strike Iran’s Nuclear Facility at Fordow

Ears pricked up in Western intelligence circles dealing with Iran over a couple of loaded comments made by Binyamin Netanyahu’s Deputy Prime Minister and Minister for Strategic Affairs Moshe Ya’alon in an interview with the local Army Radio station this week.
DEBKA-Net-Weekly presents the exchange verbatim:
Interviewer: How important are the nuclear talks between Iran and the six world powers starting in mid-April?
Ya’alon: The talks will show whether sanctions have a chance of working or that the Iranians are persisting in their maneuvers while moving forward toward a military nuclear capability.
Interviewer: Does this mean the Netanyahu government might be just weeks away from launching a war against Iran?
Ya’alon: “No. Look, we have to see. …The (Iranian nuclear) project is not static — whether that means progress, or sometimes, retreat. All sorts of things are happening there.
“Sometimes there are explosions, sometimes there are worms there, viruses, all kinds of things like that.”

Tehran’s SOS for cyber help against new malworm

Reporters took Ya’alon’s remarks as a reference to the troubles bedeviling Iran’s nuclear program in the past three years, such as the Stuxnet virus, which stymied core computer systems, and the assassinations of senior scientists. They assumed he was hinting at a new flare-up.
They just happened to hit the nail on the head: Iran is under a new cyber attack.
DEBKA-Net-Weekly’s intelligence and Iranian sources disclose now that, in the second week of March, the Iranians were stunned to encounter a new and unfamiliar mutation of the Stuxnet malworm, whose initial attack was eventually overcome with great difficulty. The virus had slithered underground to infect the computerized command and control centers installed for safety against air and missile attack in a fortified nuclear facility at Fordow, near Qom.
The strange alien had infiltrated the P1 centrifuges for enriching uranium just moved in from Natanz, as well as the new, advanced IR4 machines.
American security firms report that a sample of the new virus had reached them for analysis. They did not say where it came from or whether it was the same malworm which invaded the computer-based systems at Fordow.
Our sources suggest Iran may have urgently sent samples for testing and a cure to Russian and European cyber security firms, which passed them on to American experts.

Stuxnet or Duqu – or both?

Some American cyber warfare buffs suggest the new troublemaker is a form of the Duqu spy program discovered last fall, which was programmed to gather intelligence on industrial control systems for possible use in a future Stuxnet-like attack.
They deduce from the similarity in code that whoever wrote Duqu either wrote Stuxnet too, or had access to the powerful worm’s source code, which was never released in the public domain. Last November, the original Duqu was suspected to have infected systems in several countries, such as Vietnam and France, as well as Iran.
DEBKA-Net-Weekly’s sources are not at all sure that Duqu is Iran’s culprit. They say it is far more likely that an advanced mutation of Stuxnet has returned to the offensive, meaning that Iran’s nuclear program is under its third cyber assault in two and a half years.
This theory is of sweeping significance: If true, it would mean that the hugely risky option of striking the Fordow plant by air or with missiles may be less urgent than believed; that the Americans can stop developing more and more powerful Joint Direct Attack Munition GBU 31/32/38 bunker busters; and that the US and Israel can stop arguing about whether the Israeli Air Force is capable of disabling Fordow and other deep-buried nuclear projects.
If new malworms are indeed on the march, Iran’s nuclear program networks are already under malicious attack by an enemy within, one that is capable of reaching nuclear weapons plants in the deepest of bunkers.

Is Israel’s IDF Cyber Brigade at work?

The inference is that Israel has unleashed a new cyber attack on Iran’s nuclear weapons-making systems with the immediate object of disrupting their transfer lock, stock and barrel to impregnable, underground sites. Those sites were dubbed “immunity zones” by Israeli Defense Minister Ehud Barak.
DEBKA-Net-Weekly’s sources believe this cyber attack – if one is really afoot – is only just beginning; Iran is about to be confronted with far more extensive disruptions of the program’s functionality in the coming weeks.
Our military sources say that, if it is successful, this offensive will be the most spectacular to have been mounted in the short annals of modern cyber warfare. Some American and other military buffs talk about it in terms of a revolution in military war doctrine, comparable to the advent of fighter jet bombers in the 1950s which revolutionized air force potency and tactics.
The back-room figure pulling the strings of Israel’s cyber force is former Military Intelligence Chief Maj. Gen. (res.) Amos Yadlin, who created the top-secret Israel Defense Forces Cyber Brigade.
A great deal is riding on the efficacy of the new malworm offensive for compromising Iran’s nuclear weapons program. As much depends on the extent of the damage it causes as on the conditions Ayatollah Ali Khamenei decides to lay down for entering into meaningful negotiations on the future of that program with the six world powers next month.
