Dutch Intel Aided U.S.-Israeli Stuxnet Cyberattack on Iran, Report Reveals

Mole recruited by AIVD intelligence agency was key to success of 2010 cyber offensive targeting Iran's nuclear enrichment plant in Natanz, attributed to the CIA and Mossad

Mahmoud Ahmadinejad visits the Natanz nuclear enrichment facility, Iran, April 8, 2008.
Presidential official website/Handout/Reuters

An Iranian engineer recruited by Dutch intelligence provided access into Iran's nuclear enrichment plant in Natanz that allowed the CIA and Israeli intelligence to launch the Stuxnet cyber offensive, Yahoo News reported Monday.

According to the report, citing four anonymous intelligence officers, a mole recruited by the Netherlands' AIVD intelligence agency "provided critical data" to ensure the efficacy of the malware's code, and then "provided much-needed inside access" to get Stuxnet computer systems at Natanz "using a USB flash drive."

>> Read more: Iran, Yemen and two more bleeding fronts awaiting Trump's next tweet | Analysis ■ As Trump signals talks with Rohani, Israel ratchets up tensions with Iran | Analysis

Stuxnet, which is widely believed to have been developed by the United States and Israel's Mossad, was discovered in 2010 after it was used to attack the Natanz uranium enrichment facility. It was the first publicly known example of a virus being used to attack industrial machinery, centrifuges in this case.

The CIA, Mossad and AIVD declined to comment on the Yahoo News report.

According to the report, representatives of the Mossad and CIA reached out to AIVD in late 2004, almost three years before Tehran installed its first set of centrifuges at Natanz in February 2007.

The mole, the report said, posed as a mechanic with a front company at Natanz, one of two local companies set up by the Dutch. He didn't install the centrifuges targeted by the attack, but one of the sources told Yahoo News he had gained access that allowed him to "collect information" that would let programmers "update the virus accordingly."

After Stuxnet became public in 2010, there have been reports of arrests and executions of Iranians suspected of aiding the operation. According to two sources quoted by Yahoo News, "there indeed had been loss of life," but it remains unclear whether the Dutch mole was one of those executed.