'Iran nuclear worm targeted Natanz, Bushehr nuclear sites'
German computer security expert releases new study claiming the Stuxnet worm, which some claim slowed down activity in the Iranian sites, was designed to act as a 'digital warhead.'
The Stuxnet computer worm which hit computers at Iran's Bushehr nuclear power plant, and which experts have estimated slowed down activity both there and in the Natanz uranium-enrichment site, were designed to act as a double "digital warhead" against the Iranian nuclear sites, a new survey said Friday.
In September, experts on Iran and computer security specialists voiced a growing conviction that the worm that has infected Iranian nuclear computers was meant to sabotage the uranium enrichment facility at Natanz - where the centrifuge operational capacity has halved over the past year.
That analysis, based on the characteristic behavior of the Stuxnet worm, contradicted earlier assessments that the target was the nuclear reactor at Bushehr, where officials admitted computers were infected by the virus.
On Saturday, a report by German security expert Ralph Langner claimed that the computer worm was designed as a "digital warheads" against Natanz's centrifuge operational system and the turbines in Bushehr.
Langer was the first expert to uncover the fact that the Stuxnet worm's main goal was to harm Iran's nuclear sites, and the latest report is meant to supplement his earlier findings.
The investigation by the German computer's expert was triggered by the complaint of several Iranian firms to a Russian company that various Russian-made system had been affected by an unknown virus.
The company then recognized that the firms had indeed been hit by the worm known as Stuxnet, and ever since software security experts have been laboring to decipher the worm's code.
Most experts feel that the virus represents a new kind of computer worm, one which is capable not only of targeting computers but also industrial infrastructures which are controlled by those computers.
Originally, the worm damaged the command and control systems of German engineering giant Siemens, systems which serves infrastructure facilities such as oil and gas drilling and production plants, water supply facilities and in Iran, the worm's main target, nuclear sites as well.
Last week, experts from the computer security company Symantec testified before the Senate, claiming that the worm had been developed to damage the engines that operate the centrifuges in the Natanz enrichment site. Weeks ago, Haaretz was the first media outlet that estimated that the worm's main target was the Natanz site.
In a message Langner published on his website on Friday, the German computer security expert described two models for the kind of attacks the worm could have prompted as soon as it was inserted to Siemens' command system: "It appears that warhead one and warhead two were deployed in combination as an all-out cyberstrike against the Iranian nuclear program.”
Experts claim only an organization with the highest technological capabilities could have performed such a cyber attack, with some attributing it to the Israel Defense Force's 8200 intelligence unit or a U.S. intelligence organization, with some saying the worm was the result of a joint Israeli-U.S. effort.
There have been reports in the past of other alleged efforts by Israel and the West to undermine the Iranian nuclear project, some of which also targeted Natanz. These efforts included infiltrating the purchasing networks Iran set up to acquire parts and material for the centrifuges at Natanz and selling damaged equipment to the Iranians. The equipment would then be installed on site and sabotage the centrifuges' work.
The centrifuge - a drum with rotors, an air pump, valves and pressure gauges - is an extremely sensitive system. Generally, 164 centrifuges are linked into a cascade, and several cascades are then linked together. But the centrifuges need to operate in complete coordination to turn the uranium fluoride (UF6 ) they are fed into enriched uranium. Their sensitivity makes them particularly vulnerable to attacks, since damage to a single centrifuge can create a chain reaction that undermines the work of one or more entire cascades.
The International Atomic Energy Agency, whose inspectors regularly visit Natanz, has reported that of the more than 9,000 centrifuges installed on the site, less than 6,000 are operational. The agency did not provide an explanation of this 30 percent drop in capacity compared to a year ago, but experts speculated that the centrifuges were damaged by flawed equipment sold by Western intelligence agencies through straw companies.