After many years, billions spent and massive foreign help, the Ayatollahs still don’t have their Bomb. Why?
Because their whole nuke program was and is… Hacked.
“Stuxnet was designed specifically to attack the PLC (programmable logic control) automation system, manufactured by German conglomerate Siemens, that runs the centrifuges used to enrich uranium at the Natanz facility, according to Symantec experts who analyzed the effects of the virus by reverse-engineering samples found on servers in countries around the world. Variants of Stuxnet have affected the centrifuges in various ways, mostly by changing the activity of valves controlled by the PLC software that feed the uranium to centrifuges at a specific rate required for enrichment.
The earlier version of Stuxnet, according to the antivirus researchers, contained a suite of cyber-weapons to affect the centrifuges, although it was missing the full range of remote control capabilities that the later versions included. In addition, there was a change in later versions of Stuxnet’s attack strategy, varying the speed instead of closing off feed valves to the centrifuges altogether.
Although Stuxnet 0.5 was less aggressive than the later versions, Symantec said, it appeared that the earlier virus was capable of doing as much damage to the nuclear enrichment systems. In 2009, Iran was forced to replace nearly 1,000 centrifuges after the later versions of Stuxnet were found to have compromised the Natanz plant. Symantec, quoting the Institute for Science and International Security, said there was evidence that earlier versions of Stuxnet had done significant damage to Iran’s program as well.
Symantec said it was not clear why the authors of Stuxnet changed their tactics, although it was likely that the controllers of the virus wanted more flexibility in their attacks, the researchers said. “Later versions of Stuxnet were developed using a different development framework, became more aggressive, and employed a different attack strategy that changed the speeds of the centrifuges, suggesting Stuxnet 0.5 did not completely fulfill the attacker’s goals,” Symantec said. Stuxnet 0.5 was preprogrammed to stop working on a specific date in 2009, after which newer versions of the virus took over, the company said.
Symantec did not speculate on how the virus reached the Natanz facility at least twice, considering that Internet connectivity at the site is said to be minimal.
But if one of the goals of Stuxnet was to significantly delay Iran’s nuclear development, the various generations of the virus have apparently been doing the job, said Pavel. “Iran itself has admitted on several occasions that viruses have slowed their nuclear progress, so we can certainly take them at their word on that,” he said. “If the research by Symantec is correct and the earlier version of Stuxnet did slow the program, then this is evidence for a long-standing policy by the people behind Stuxnet to impede Iran. And it does appear that the tool they used to execute this policy — Stuxnet — has been effective.”