16 April 2021

Iran nuclear attack: Mystery surrounds nuclear sabotage at Natanz

By Gordon Corera

Within hours of Iran proudly announcing the launch of its latest centrifuges, a power blackout damaged some of the precious machines at its site in Natanz.

Iran has described this as an act of "terrorism" and pointed the finger at Israel. But there is still mystery over the cause.

In Israel, some reports have suggested a cyber-attack might have been responsible but Iran has talked of "infiltrators" amid reports of an explosion linked to the power generator.

One thing reports seem to agree on is that an "incident" affected the power distribution network at Natanz, leading to a blackout until emergency power systems kicked in.

A blackout may not sound that serious, but it can be at an enrichment plant. Centrifuges are slender machines linked up in what are called cascades which enrich uranium gas by spinning it at incredibly high speeds using rotors. The stress on the advanced materials involved is intense and the process is technically immensely challenging.

A small problem can send a centrifuge spinning out of control, with parts smashing into each other and damaging a whole cascade.

Ensuring the power supply reaching a centrifuge is perfectly balanced is vital. Which means sabotage of that supply can be catastrophic.

IMAGE COPYRIGHTREUTERSimage captionBanks of centrifuges at the Natanz nuclear plant

The question is: what caused it - a cyber-attack or a physical act of sabotage, like a bomb?

The speculation of cyber-attack comes because Natanz is Ground Zero for cyber-war - the place where the world's first real cyber-attack took place a decade ago.

Most events called cyber-attacks are not really attacks in the physical sense - they are thefts of data. But Stuxnet - the name given to the incident that targeted Iran's nuclear programme over a decade ago - is not just one of the few exceptions but arguably also the first demonstration of what such a cyber-attack looks like.

In that case, computer codes caused real-word damage by interfering with the centrifuge controllers to spin them out of control (and even relaying false messages back to those monitoring them so they would not worry until it was too late). The result was what sounded like a slow-motion explosion as centrifuges crashed into each other. It was an incredibly sophisticated and targeted operation, run jointly by the US and Israel and developed over a period of years.

But that does not mean that a cyber-attack has to be responsible this time. Iran invested heavily in cyber-defence and offense after Stuxnet making such an attack much harder and doing more to protect its systems, including the power supply.

Stuxnet showed the separation between online and physical attacks could be blurry - a cyber incident could cause real-world damage. But it also worked the other way - cyber-attacks sometimes required real-world help. Some of the versions of Stuxnet are believed to have required a person to physically insert a USB into a machine in order to get access to the Iranian system. And a physical act of sabotage might be accompanied by a cyber-intrusion to black out the power or alarm systems.

And there is also precedent for some kind of physical sabotage.

media captionIran's nuclear programme: What's been happening at its key nuclear sites?

Last summer, a previously unknown group calling itself the Homeland Tigers said it was behind a blast which affected a building above ground at Natanz (most of the sensitive work is underground). Statements were sent to the BBC, as well as others, claiming the group were disaffected Iranians and promising more attacks would come. Many at the time assumed Israel was involved in some way, not least because the country has also been linked to the assassination of Iranian nuclear scientists.

In the immediate aftermath of an incident, reports are often conflicting and hazy. There can also deliberate disinformation - sometimes a country like Israel might prefer it to appear that a cyber-incident was involved to protect anyone who infiltrated the site. And Iran itself may either not know, or want to reveal all it knows.

The details are likely to become clearer in the coming days, with more reports pointing towards an explosion at the power supply rather than simply a cyber-incident. But whatever the cause, previous incidents of either online or physical sabotage have only led to temporary setbacks for the Iranian nuclear programme. And this time Iran has again insisted it will push forwards with its work at Natanz.

No comments: