STUXNET REDUX?: ‘Are three mysterious explosions in Iran linked? – Analysis’

JERUSALEM/POST | By Jonah Jeremy Bob | July 2, 2020

A team of experts from Iran’s Atomic Energy Organization are investigating the cause of the incident.

An “incident” occurred at Iran’s Natanz nuclear facility but no damage was caused and the site is operating as usual, Iran’s Atomic Energy Organization said on Thursday.

 
The Natanz Fuel Enrichment Plant (FEP), covering 100,000 square meters and built eight meters underground, is one of several Iranian facilities monitored by the International Atomic Energy Agency (IAEA), a UN nuclear watchdog.

“The incident took place in a facility in an open area near Iran’s Natanz nuclear facility. There were no casualties or damages and the nuclear site is operating as usual,” Iran’s nuclear agency’s spokesman, Behrouz Kamalvandi, was quoted as saying by Iran’s Tasnim news agency.

A team of experts from Iran’s Atomic Energy Organization are investigating the cause of the incident, he said.
 
“There is no concern about the possibility of contamination as one of the sheds which was inactive and under construction was damaged and not the facility itself,” Kamalvandi told state news agency IRNA.
 
The incident immediately raised speculation whether someone physically sabotaged Natanz, hacked it using cyber weapons or whether Iran itself accidentally caused the incident by some kind of technological failure.
 
It is also unclear, since Iran often lies about setbacks, whether the damage was only to the nearby construction site or also to the Natanz enrichment facility itself.
 
In 2010, Israel and the US reportedly launched an operation called “Olympic Games” which inserted a worm into the centrifuge cascades at Natanz, destroying close to 1,000 and setting back the Iranian nuclear program. 
 
A June report by the IAEA described Iran as having redeployed cascades of 164 IR-2m and IR-4 centrifuges, representing Iran’s most successful advanced centrifuge types. However, Iran has also experimented with IR-8s and even IR-9s, and had many failures and large numbers of broken centrifuges for which hacking was not responsible.
 
Last week, a gas storage facility or medical center in Tehran exploded, killing 19 people and leaving dozens injured, according to Iranian media. The Islamic Republic claimed the explosion was caused by a gas leak and that it is probing the incident.
 
However, with the gas incident so close to this one, speculation is only likely to increase.
 
Recall, in May Iran tried to hack Israel’s water sector. Jerusalem has implied through multiple officials that it responded by hacking Iran’s Shahid Rajaee Port.
 
While neither Iran’s hack nor Israel’s resulted in loss of life, Israel made it clear that it was angry with Tehran for crossing red lines and that the Jewish state would act to restore deterrence.
 
♦  ♦  ♦  ♦  ♦

Stuxnet is a malicious computer worm, first uncovered in 2010, thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built jointly by the United States and Israel.[2][3][4]

Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes including gas centrifuges for separating nuclear material. Exploiting four zero-day flaws,[5] Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.[6] Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in factory assembly lines or power plants), most of which are in Europe, Japan, and the US.[7] Stuxnet reportedly ruined almost one-fifth of Iran’s nuclear centrifuges.[8] Targeting industrial control systems, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade.[9]

Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, to prevent detection of Stuxnet.[10] It is typically introduced to the target environment via an infected USB flash drive, thus crossing any air gap. The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users.[11][12]
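The paragraph above says operators were shown a loop of recorded normal values. One defensive check that follows from that, given here as an added example that is not from the article or from any vendor tool: noisy live sensor readings almost never repeat exactly, so a long window that recurs sample-for-sample points to replayed data. The signal values, window length and all function names below are assumptions constructed for illustration.

```python
import random


def make_live(n, seed):
    """Constructed sample data: n noisy readings around a nominal 1000.0."""
    rng = random.Random(seed)
    return [round(1000 + rng.gauss(0, 0.5), 2) for _ in range(n)]


def make_replayed():
    """Constructed sample data: 100 live readings, then a 60-sample
    recording of the last live stretch played back four times."""
    live = make_live(100, seed=1)
    recording = live[40:100]
    return live + recording * 4


def find_replayed_window(samples, window=20):
    """Return (first_start, repeat_start) for the earliest window of
    `window` consecutive samples that recurs exactly at a later,
    non-overlapping position; return None if no window recurs.

    Assumes readings carry measurement noise, so an exact repeat of a
    long window is not expected from a live sensor.
    """
    seen = {}  # window contents -> index where first observed
    for start in range(len(samples) - window + 1):
        key = tuple(samples[start:start + window])
        first = seen.get(key)
        if first is None:
            seen[key] = start
        elif start - first >= window:
            return first, start
    return None


def loop_period(samples, window=20):
    """Length of the suspected replay loop in samples, or None."""
    hit = find_replayed_window(samples, window)
    return None if hit is None else hit[1] - hit[0]


if __name__ == "__main__":
    print("live stream:    ", find_replayed_window(make_live(340, seed=1)))
    print("replayed stream:", find_replayed_window(make_replayed()))
    print("loop period:    ", loop_period(make_replayed()))
```

A check like this only helps if it runs on data taken from a path the controller cannot rewrite, such as an independent sensor tap or historian feed.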

In 2015, Kaspersky Lab noted that the Equation Group had used two of the same zero-day attacks prior to their use in Stuxnet and commented that “the similar type of usage of both exploits together in different computer worms, at around the same time, indicates that the Equation Group and the Stuxnet developers are either the same or working closely together”.[13]
