Iran started to inject fuel into its only nuclear reactor Tuesday, October 26, explaining the three-month delay by the need to fix a leak in the Russian-built reactor's basin. The Atomic Energy Organization of Iran (AEOI) said the loading of 163 fuel rods into the reactor's core began after tests had shown all its systems were functioning properly.
Since August, Iran has steadily denied that the Stuxnet computer virus caused the delay, only admitting that some of the staff's personal computers had been affected. But DEBKA-Net-Weekly's intelligence and Iranian sources confirm that the malworm was in fact the only cause of the postponement and the Iranians are far from sure that it is not still lurking in the system and capable of preventing the full quota of fuel rods being loaded. Even if they are, they are not certain the reactor will finally go on-line and produce electricity.
Our sources report the following steps taken by Tehran to control the damage:
1. From July, when the cyber attack on Bushehr was first discovered, Iran invited three teams of cyber war experts for consultation – the first from Western Europe, the second Russia and the third, Chinese. The last team arrived in early October and has remained to monitor the injection of fuel and the plant's activation.
2. The European and Russian experts concluded that the Stuxnet invasion was enabled by disabling thumb drives and was the work of a foreign intelligence agency.
On their advice, the Iranians had all computer ports – first in Bushehr and later in all their nuclear and military installations – sealed with liquid blocking material. The experts were amazed to find the thumb drives so accessible and, while not 100-percent sure, assumed that this was how Stuxnet was introduced into Iran's computer control networks.
Chinese experts advise dismantling, reprogramming computers
The obvious conclusion was that it was an inside job: In other words, someone working at the Bushehr reactor, a nuclear plant or laboratory, whose computers were linked to the computers at Bushehr, planted the Stuxnet infiltrator via his or her thumb drive – whether deliberately or inadvertently.
4. Although several suspects remain under arrest and are still being questioned, Tehran has to this day not run down the source of the cyber attack and cannot tell whether it was deliberate or not.
The regime has turned naturally to intimidation tactics directed against personnel employed at nuclear facilities; the disclosure Tuesday, Oct. 26 on the day the first fuel rods were loaded at Bushehr, that seven suspected spies for the US and Israel were under arrest was intended to frighten the perpetrator of the virus attack into believing that Iranian security was close on his heels.
5. On the advice of the Chinese experts, all of the software was removed from the computers of the contaminated networks and they were reprogrammed under close surveillance. Every bit was carefully examined before it was inserted in the computer and tested again.
Those experts warned Tehran that the Stuxnet worm may have launched a "semantic attack" designed to fool its victim into believing that its computer systems are virus-free and functioning properly, when in fact they are not, and may not have been for some time.
Therefore, there is no guarantee that Iran's security measures and reprogramming rid its computers of the worm. Stuxnet may still be lurking undetected at an unknown digital location ready to spring back into malign action at an unforeseen moment.