Cyber war on Iran has only just begun

Jul 13, 2012 by Dan De Luce
An Iranian security man stands next to journalists outside the Russian-built Bushehr nuclear power plant in southern Iran in 2010, which was the suspected target of the Stuxnet worm computer. A US cyber war against Iran's nuclear program may have only just begun and could escalate with explosions triggered by digital sabotage, experts say.

A US cyber war against Iran's nuclear program may have only just begun and could escalate with explosions triggered by digital sabotage, experts say.

Although the Iranian regime remains vulnerable to more in the aftermath of the "Stuxnet" worm that disrupted its work, Tehran may be receiving help from Russian proxies for its , some analysts say.

The is "really not that well protected" from more digital assaults and Iran will be hard-pressed to safeguard its uranium enrichment efforts from tainted software, said David Albright, president of the Institute for Science and International Security.

"With Stuxnet, they lost about a year. And it caused a lot of confusion. They really didn't know what hit them," he said. "It looks like a viable way to disrupt their program."

The , which reportedly masterminded the Stuxnet operation along with Israel, has every incentive to press ahead with a cyber campaign to undermine Iran's atomic ambitions, according to analysts.

The next cyber attack, possibly in combination with more traditional spycraft, could shut off valves or issue incorrect orders that might cause an explosion at a sensitive site.

"I think that it could get more violent," Albright told AFP. "I would expect more facilities to blow up."

A major explosion at a missile plant in Iran in November sparked speculation that the incident was the result of .

"There is of course the possibility of sending in a team to modify a system in a way that would make it vulnerable, and then use a at a later date as a trigger event," said David Lindahl, research engineer at the Swedish Defense Research Agency.

A new wave of cyber attacks could involve inserting hardware with infected chips into the industrial process, possibly through an agent or a duped employee, or penetrating diagnostic software used to gauge uranium enrichment or other work, Lindahl said.

But some cyber security experts suspect Russian could be assisting Iran with its digital defenses, and possibly helped Tehran trace the origins of Stuxnet.

"The part that we probably miscalculated on in Stuxnet was the (possible) assistance of the Russians in attribution," said James Lewis, senior fellow at the Center for Strategic and International Studies.

"The Iranians never would have figured this out on their own," said Lewis, a former senior government official with the Departments of State and Commerce.

The elaborate Stuxnet malware, which was reportedly introduced using a thumb drive, contained malicious code that caused centrifuges used to enrich uranium to spin out of control. The worm, meanwhile, sent back signals to operators indicating the centrifuges were operating normally.

After the malware was discovered in 2010, at least a thousand centrifuges had to be removed and analysts estimate Tehran's program was set back by at least a year.

By pushing the boundaries of cyber warfare, the United States has left itself open to retaliation. But US officials clearly view the risks associated with digital strikes as dwarfed by the dangers of an all-out war with Iran.

Bombing raids are "more likely to explode the region and certainly could lead to a conflict with Iran, and that would be very messy," said Lewis. "Cyber is much cleaner."

Although unnamed officials told The New York Times that the United States and Israel were behind the digital operations, cyber attacks -- unlike air strikes -- allow for "plausible deniability," he said.

The Stuxnet worm broke new ground by successfully hijacking a program designed to supervise power plants or other large industrial systems, said Sean McGurk, a consultant who previously led efforts at the Department of Homeland Security.

"Stuxnet demonstrated going from a disruptive capability to a destructive capability and that's what made it unique," he said.

The super virus also was unusual for the way it sought out a specific target while sidestepping systems that did not fit certain criteria.

"Almost all cyberattacks are 'to whom it may concern' but Stuxnet was a bullet with someone's name on it," Lindahl said.

"Repeating something like Stuxnet or (computer virus) Flame will be much more difficult, because they (the Iranians) will spend a lot more energy trying to stop those activities," he added.

"But the defender needs to plug all holes, while the attacker need only find one."

Explore further: 'SwaziLeaks' looks to shake up jet-setting monarchy

add to favorites email to friend print save as pdf

Related Stories

Second computer worm 'hits Iran'

Apr 25, 2011

Iran has been hit with new malicious software as part of cyber attacks against the country, a military officer told Mehr news agency on Monday without specifying the target.

Iran 'mobilizing' for cyberwar with West: experts

Apr 26, 2012

Iran is busy acquiring the technical know-how to launch a potentially crippling cyber-attack on the United States and its allies, experts told a congressional hearing on Thursday, urging the US to step up ...

Report: Iran's paramilitary launches cyber attack

Mar 14, 2011

(AP) -- Iranian hackers working for the powerful Revolutionary Guard's paramilitary Basij group have launched attacks on websites of the "enemies," a state-owned newspaper reported Monday in a rare acknowledgment from Iran ...

Computer expert says US behind Stuxnet worm

Mar 03, 2011

A German computer security expert said Thursday he believes the United States and Israel's Mossad unleashed the malicious Stuxnet worm on Iran's nuclear program.

Iran says Duqu malware under 'control'

Nov 13, 2011

Iran said on Sunday it had found a way to "control" the computer malware Duqu, which is similar to Stuxnet virus which in 2010 attacked its nuclear programme and infected more than 30,000 computers.

Stuxnet was 'good idea': former CIA chief

Mar 02, 2012

The Stuxnet computer virus sabotage of Iran's nuclear program was a "good idea" but it lent legitimacy to the use of malicious software as a weapon, according to a former CIA director.

Recommended for you

'SwaziLeaks' looks to shake up jet-setting monarchy

2 hours ago

As WikiLeaks founder Julian Assange prepares to end a two-year forced stay at Ecuador's London embassy, he may take comfort in knowing he inspired resistance to secrecy in places as far away as Swaziland.

Ecuador heralds 'digital currency' plans

2 hours ago

Ecuador is planning to create the world's first government-issued digital currency, which some analysts believe could be a first step toward abandoning the country's existing currency, the U.S. dollar, which ...

WEF unveils 'crowdsourcing' push on how to run the Web

16 hours ago

The World Economic Forum unveiled a project on Thursday aimed at connecting governments, businesses, academia, technicians and civil society worldwide to brainstorm the best ways to govern the Internet.

Study: Social media users shy away from opinions

Aug 26, 2014

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

gwrede
not rated yet Jul 13, 2012
Soon Windows will be in your phone, too. Which means American spy organisations will own the entire planet. We're screwed.