The timetable for any US or Israel attack planned for Iran must have been profoundly upset by Tehran's out-of-the-blue capture Sunday, Dec. 4 of the top-secret American stealth RQ-170 unarmed aerial vehicle.
The surveillance drone was supposed to gather intelligence on Iran's nuclear sites in advance of an attack. Those plans have been thrown out of kilter for two reasons:
One: The US and/or Israeli drones, armed and unarmed, that were to have taken part in operations against Iran's nuclear infrastructure, Revolutionary Guards bases and other strategic targets dare not venture into Iranian air space until it is fully understood how the secret drone was downed and the risks to those fleets can be safely assessed.
Two: Even before this is determined, the US and Israeli air forces will have to replace existing drone technology with new hardware on the assumption that the RQ-170 drone's secrets are secret no longer. New technologies take time to develop and quick results are not assured – even when the necessary funding is immediately available.
The Americans and Israelis are likely to suspend their plans for Iran until they evaluate the extent of this grave intelligence and technological setback – unlike the Iranians.
Hacking – possible but difficult
In June 2010, the computer control systems of Iran's nuclear program were hit by the Stuxnet worm; in October 2010, about one-third of its Shahab ballistic missiles were destroyed in a mysterious explosion. While investigating these blows and waiting for results, the Iranians did not halt the momentum of work at their nuclear installations, uranium enrichment plants or missile bases. They carried on as though nothing untoward had taken place.
But before exercising their military option against Iran, the Americans and Israelis will want to be absolutely sure they don't run into an Iranian trap and will therefore seek answers on four key points:
1. The Iranians say the spy drone was “downed with help from the Iranian military’s electronic warfare unit” – i.e. hacking. This would have been extremely difficult. The experts describe the RQ-170's primary communications antennas as fixed atop the aircraft and therefore less susceptible to hacking. To intercept or modify the signal, the hackers would have had to be near the signal’s “footprint.”
Technically that seems unlikely, given that the Sentinel has a special "skin" or coating to mask it from enemy radar detection. But what if the Iranians or their collaborators did manage to develop technology for penetrating this antenna?
If they turn out to have done so, the Americans and Israelis will be faced with the problem of replacing all their drones' communications antennae in the shortest possible time.
All this was hypothetical surmise until Thursday night, Dec. 8. It was confirmed when Iran put on display the captured drone and it was seen to be in almost perfect condition. Therefore, Iran had indeed brought the UAV down by a cyber attack.
Has Iran mastered the high-skill signal jamming technique?
2. Might the Iranians have found ways to defeat the drone's stealth technology and use its sensors and communications systems against other hostile stealth hardware?
3. The Sentinel was designed for reconnaissance missions deep inside enemy territory. It would almost certainly have been fitted with a self-destruct mechanism to save its secrets from falling into hostile hands. If Tehran was telling the truth about the slight damage to the captured aircraft, why weren’t these mechanisms activated?
4. What could Iranian intelligence learn from the cameras and the data found in the drone’s electronic monitoring systems about the sites on which the US aircraft was gathering intelligence for strikes?
By deciphering this data, Tehran would acquire priceless information about the depth of knowledge the Americans, and through them the Israelis, possess on Iran's most secret nuclear facilities and which sites they intended to attack and which to miss.
According to DEBKA-Net-Weekly’s intelligence sources, one way to find out what the Iranians have learned from the captured RQ-170 is to watch and see if sensitive installations identified in the drone's data banks are in fact evacuated to new locations.
To monitor these movements in order to revamp the Iranian nuclear targeting map, the US would have to send more spy drones into Iranian air space. But this entire project has been suspended.
5. The greatest cause for concern in Washington is Iran’s claim that signal jamming tricked the UAV's systems and caused it to crash. If the Iranians have, in fact, mastered this very sophisticated form of attack, they’d be foolish to tip their hand, say US experts. So in this instance they may be lying.
But the specter of an Iranian breakthrough in this arcane field casts a heavy cloud over the future of aerial warfare and intelligence-gathering – not only in relation to Iran, but also to China, Russia and North Korea.
Duqu the son of Stuxnet is born – and vanishes
There is still a joker in the pack: Suddenly, ever since mid-November, the Stuxnet-like computer virus Duqu has gone dark, vanished off screens worldwide and no one knows why.
Duqu is itself an unknown quantity which first came to light in October when international security researchers alerted Symantec to a virus that appeared to be a variant of Stuxnet with a different function.
The computer security software giant Symantec decided that Duqu is "a precursor to a future Stuxnet-like attack" and may have been created by the same authors: "Its purpose is to gather intelligence data and assets from such entities as industrial control system manufacturers. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."
On Nov. 14, Iranian officials said that the Stuxnet-like Duqu virus had hit their country's computers but had been fixed. After that, a mysterious hand erased all evidence of Duqu from cyber space without leaving a trace.
So what exactly is this mysterious worm up to?
Officials in Tehran have claimed to have fixed Stuxnet too, but it keeps on coming back to haunt their nuclear computer systems. Duqu may not be just a precursor to the next cyber attack on Iran but Stuxnet's successor. If that is so, the new worm will certainly have a role to play in the plans to attack Iran and its nuclear program.