A US cyberwar against Iran’s nuclear program may have only just begun and could escalate with explosions triggered by digital sabotage, experts say.
Although the Iranian regime remains vulnerable to more cyberattacks in the aftermath of the “Stuxnet” worm that disrupted its uranium enrichment work, Tehran may be receiving help from Russian proxies, some analysts say.
The nuclear program is “really not that well protected” from more digital assaults and Iran will be hard-pressed to safeguard its uranium enrichment efforts from tainted software, said David Albright, president of the Institute for Science and International Security.
“With Stuxnet, they lost about a year. And it caused a lot of confusion. They really didn’t know what hit them,” he said.
The US has every incentive to press ahead with a cybercampaign to undermine Iran’s atomic ambitions, according to analysts.
“I think that it could get more violent,” Albright said. “I would expect more facilities to blow up.”
“There is of course the possibility of sending in a team to modify a system in a way that would make it vulnerable, and then use a cyberweapon at a later date as a trigger event,” said David Lindahl, research engineer at the Swedish Defense Research Agency.
However, some cybersecurity experts suspect Russian proxies could be assisting Iran with its digital defense and possibly helped Tehran trace the origins of Stuxnet.
“The part that we probably miscalculated on in Stuxnet was the [possible] assistance of the Russians in attribution,” said James Lewis, senior fellow at the Center for Strategic and International Studies. “The Iranians never would have figured this out on their own.”
The elaborate Stuxnet malware caused centrifuges used to enrich uranium to spin out of control. The worm, meanwhile, sent back signals to operators indicating the centrifuges were operating normally.
After the malware was discovered in 2010, at least a thousand centrifuges had to be removed and analysts estimate Tehran’s program was set back by at least a year.
By pushing the boundaries of cyberwarfare, the US has left itself open to retaliation. Yet US officials clearly view the risks associated with digital strikes as dwarfed by those of an all-out war with Iran.
Air raids are “more likely to explode the region and certainly could lead to a conflict with Iran, and that would be very messy,” Lewis said. “Cyber[war] is much cleaner.”
Although unnamed officials told the New York Times that the US and Israel were behind the digital operations, cyberattacks allow for “plausible deniability,” Lewis said.
“Repeating something like Stuxnet or [computer virus] Flame will be much more difficult, because they [the Iranians] will spend a lot more energy trying to stop those activities,” Lindahl said. “But the defender needs to plug all holes, while the attacker need only find one.”