An Assessment of Initial Cyber-Damage to Iran’s Nuclear Program

Here first are two pertinent facts.
Fact One: While expert and Iranian sources consulted by DEBKA-Net-Weekly agreed that Iran's nuclear program is partly paralyzed by the invasion of the powerfully malignant Stuxnet software, Western intelligence organizations tracking the program disagree about the scale of the shutdown and its effect on Iran's progress toward a weapon.
One faction, most of them US intelligence evaluators, points to the difficulty of separating out the damage caused by the cyber attack from the two other causes of the current slowdown: Technical glitches which Iranian engineers are unable to repair – is one; the absence of a center of authority in Tehran competent to give the directors of the program and its various plants and installations the go-ahead for the next stage and earmark the necessary budgeting – is the other.
According to this group, the slowdown from the latter cause is dramatic. It arises from a seesaw within the revolutionary leadership over where to take the nuclear program next: all the way to a weapon – or not?
(See a separate article in this issue on the falling-out between supreme leader Ayatollah Ali Khamenei and President Mahmoud Ahmadinejad.)
The situation within the program is so "chaotic," according to one US intelligence view reported by DEBKA-Net-Weekly, that "There is no chance that in the next 12-18 months the Iranians will be technologically capable of building a nuclear bomb or warheads."


Stuxnet delays nuclear progress – but may not be the only culprit


If this evaluation holds up, then the Obama administration's judgment – that a decision on action must be taken within a year because by then, Iran will be able to produce an operational weapon – goes by the board. This premise was at the bottom of President Barack Obama's separate understandings with Saudi King Abdullah and Israeli Prime Minister Binyamin Netanyahu in recent weeks.
(See separate item on a new round of US diplomacy to distance Syria from Iran and Hizballah.)
According to this view, the moment of decision has lost its urgency in terms of the need to impose more economic and financial sanctions and, certainly, for military action.
Fact Two: Iran and its nuclear installations in particular have been under attack since July – not by rockets or warplanes – or even covert special forces, but by a malworm called Stuxnet.
Is this worm to blame for the partial shutdowns, delays and chaos described as besetting Iran's nuclear program and the reshuffling of Obama's timeline for it to mature into an operational weapon?
The answer to that question depends on whom you ask.
DEBKA-Net-Weekly posed the question to three different groups of knowledgeable sources in Washington and Jerusalem:
1. The two are certainly connected.
This group finds it possible that the clandestine organization or organizations which launched the cyber offensive – whichever they were – took note of the technical malfunctions dogging Iran's nuclear program and used Stuxnet as a hitch-hiker to make them worse.
But even they were surprised when the malworm turned out to be powerful and harmful enough to open up new diplomatic options for President Obama.


If the US, then the cyber attack saved it from military action


This group is sure it is no accident that the peaking of Stuxnet ravages in Iran coincided with the staging Tuesday, Sept. 28, of the first United States three-to-four day exercise on responses to a hostile cyber-blitz.
The Department of Homeland Security's Cyber Storm III has deployed thousands of cyber-security personnel from government and industry to drill their responses to attacks on vital services such as power, water and banks.
Tehran would not have missed this "coincidence."
2. The two are not connected.
According to this theory, the intelligence organizations responsible for the cyber attack on Iran used the paralytic mess in the nuclear program to leak word of a full Stuxnet virus attack in order to panic Iran's leaders into reaching the "right" decision about their nuclear drive, i.e. to stop short of building a nuclear device and stand still at the critical threshold – or else face a full-blown cyber attack by this deadly malworm.
In other words, the cyber attack on Iran is a lot milder than publicly depicted.
DEBKA-Net-Weekly's military sources confirm that only three countries – the US, Germany and Israel – have the technology and skills for conducting a cyber attack on this order. Since Berlin would not consider such a strike on Tehran, it stands to reason that it must have come from the US and Israel, possibly without either clueing in the other.
One view claims that Washington resorted to Stuxnet to buy time for avoiding military action against Iran and succeeded beyond all its expectations.


If Israel, a single malworm shot down Iran's regional pretensions


According to an alternative hypothesis, Israel used its high-tech military cyber intelligence unit to stage the attack. Tired of being strong-armed by the Obama administration into holding back on a military strike against Iran, Jerusalem accepted a military intelligence recommendation to substitute a cyber offensive for military action, a course Washington has never vetoed.
Israeli planners figured that paralyzing Iran's nuclear program, defusing its military prowess and disabling Revolutionary Guards resources with a single electronic worm, would finally burst the balloon of Iran's pretensions as a mighty regional power. Its innate vulnerabilities would be paraded, making even its Arab neighbors and allies, Syria, Hizballah and Hamas, sit up and note their iconic champion's downfall.
Without confirming whether or not Jerusalem was behind the attack and, if so, if it had the nod from Washington, a senior US intelligence source talking to DEBKA-Net-Weekly recalled how in September 2007 Israel demolished the plutonium reactor North Korea was building as a project to be shared with Iran.
To disarm Syria's Russian-made missiles guarding the reactor, Israel activated the radar's built-in kill switch.
In Iran, too, the source theorized, someone must have planted a similar built-in kill switch in the control systems of its nuclear development infrastructure.
In so doing, Israel found a surprising way out of the controversy over a military strike on Iran's nuclear facilities – at least for the time being. According to this argument, Israel most likely orchestrated the Stuxnet attack and did so successfully.
All that DEBKA-Net-Weekly's sources can say for certain this week is that whoever was behind the first act of cyber war against physical institutions of a state never imagined its success would be so dramatic. A partial catalogue of its results appears in the next article.

Print Friendly, PDF & Email