New Delhi:

It’s June, 2009. The streets of Tehran have erupted in protests over the results of a presidential election. The incumbent Mahmoud Ahmadinejad has emerged victorious with an overwhelming majority against Mir-Hossein Mousavi. Protesters alleged a fraudulent victory. Among them is a woman named Neda Agha-Soltan, who on her way to join the main protests, parked her car at some distance from the gathering and stepped out as the vehicle’s air conditioner was not working. As she breathed in the fresh air, a sniper belonging to a government-funded militia took aim and shot her square in the chest. She was dead.

While this was unfolding in Tehran, around 300 kilometres to the south at the Natanz nuclear facility, the heart of Iran’s nuclear program – ‘strange’ things were happening. Just days after Neda’s death, the CIA reportedly received approval to initiate a cyber operation against this facility. The operation involved uploading a sophisticated piece of malware, known as Stuxnet, directly onto Iranian hardware. This malware had been in development for years, a collaborative effort between the United States and Israel, and represented the world’s first digital weapon.

Stuxnet: The Genesis

Stuxnet was not a new presence in Iran’s nuclear infrastructure; it had been causing disruptions for years. However, this new version was designed to deliver a decisive blow. 

The story of Stuxnet’s development and deployment began years earlier. The inception of Stuxnet can be traced back to the early 2000s, during a period of heightened tension between Iran and Western nations over Iran’s nuclear ambitions. The Bush administration, concerned about Iran’s potential to develop nuclear weapons, sought unconventional methods to impede Tehran’s progress. Thus, the covert operation codenamed ‘Olympic Games’ was born. This initiative, involving close collaboration between the CIA, the NSA, and Israel’s Mossad, aimed to create a digital weapon capable of physically disrupting Iran’s nuclear enrichment capabilities.

Stuxnet was not an ordinary piece of malware. Its design reflected a level of sophistication unprecedented in the realm of cyber weapons. The malware targeted Siemens Step7 software, used to control industrial equipment, specifically focusing on the centrifuges at Iran’s Natanz uranium enrichment facility. These centrifuges, essential for enriching uranium, operated at high speeds and required precise control to function correctly.

Stuxnet: The Execution

The US built a replica of Iran’s nuclear facility in its Oak Ridge facility in the state of Tennessee, where they meticulously studied the centrifuges to understand how to sabotage them without detection. In 2007, the first version of Stuxnet was released, targeting these centrifuges by preventing the release of pressure through the valves, causing the uranium gas to solidify and the centrifuges to spin out of control and ultimately self-destruct.

Iran’s nuclear facility was air-gapped, meaning its network was offline, so Stuxnet had to be introduced via an inside agent using a USB drive. The malware operated undetected, using a rootkit to hide its presence and stolen digital certificates to appear as legitimate commands. Despite its effectiveness, initial versions of Stuxnet only slowed Iran’s progress, and did not sabotage it entirely.

In response, US researchers developed a more aggressive version of Stuxnet, using four zero-day exploits and stolen private keys to sign its commands. This version could spread rapidly, even across air-gapped networks, and reprogram the centrifuges to destroy themselves while masking the sabotage as hardware malfunctions.

Stuxnet: The Implications

An insider at Natanz introduced this new version of Stuxnet, and it quickly spread throughout the facility’s network. However, its aggressive nature led to unintended consequences: the malware spread beyond Natanz, infecting computers across Iran and eventually the globe. The CIA, realising the uncontrollable spread of Stuxnet, decided to continue with the operation, hoping it would remain undetected within Natanz.

Their hopes were dashed when cybersecurity firm Symantec discovered Stuxnet and published a detailed report on the malware. Iran soon realised the extent of the cyber attack and took measures to protect their nuclear program. Despite the setbacks caused by Stuxnet, Iran vowed to continue its nuclear ambitions.

One of the earlier hints of Stuxnet’s existence emerged in June 2010 when a Belarusian cybersecurity firm discovered an unusual piece of malware on an Iranian computer. As cybersecurity experts from around the world began analysing the code, they were astounded by its complexity and purpose. 

Impact On Iran’s Nuclear Program

Stuxnet’s impact on Iran’s nuclear program was significant but not immediately catastrophic. By 2009, Iran had installed over 7,000 centrifuges at Natanz, but Stuxnet caused approximately 1,000 of these to fail. The disruptions forced Iran to temporarily halt its enrichment activities and replace the damaged equipment, delaying its nuclear ambitions by several months to years.

The Iranian government, initially oblivious to the cause of the centrifuge failures, eventually recognised the cyber intrusion. Publicly, Iran downplayed the impact of Stuxnet, but internally, it spurred significant investment in cybersecurity measures and the development of offensive cyber capabilities.

Over the following years, targeted assassinations of key Iranian nuclear scientists further crippled their program. Car bombings and other attacks eliminated many of the leaders involved, including the director of the Natanz facility.

Stuxnet: Global Fallout

Stuxnet did not confine itself to Iran. It spread to other countries, including India, Indonesia, and Pakistan, affecting industrial systems worldwide. In India, several critical infrastructure facilities,  reportedly infecting as many as 80,000 computers. Several power plants and manufacturing units were also found to be vulnerable to similar attacks.

In 2013, India adopted the National Cyber Security Policy which focused on “protection of information infrastructure and preservation of the confidentiality, integrity and availability of information in cyberspace”. The following year, the Centre announced the formation of the National Critical Information Infrastructure Protection Centre to further safeguard India’s cyber security space. 
 

London:

London, Paris and Berlin on Thursday said they had agreed to a strategy maintaining nuclear proliferation-related sanctions on Iran beyond an October date which had been set to bring partial respite to Tehran.

Under the terms of a 2015 Joint Comprehensive Plan of Action (JCPoA) deal which Washington unilaterally abrogated in 2018 under former president Donald Trump, some sanctions were due to be lifted on October 18 under the terms of a so-called sunset clause.

But in a joint statement from their respective foreign ministries, Britain, France and Germany noted Tehran’s “non-compliance” and underlined their commitment to ensure the country does not obtain a nuclear weapons capacity.

“In direct response to Iran’s consistent and severe non-compliance with its JCPoA commitments since 2019, the governments of France, Germany, and the United Kingdom intend to maintain nuclear proliferation-related measures on Iran, as well as arms and missile embargoes, after JCPoA Transition Day on 18 October 2023,” a statement read.

The statement said the decision was fully compliant with the JCPoA, given continued Iranian “non-compliance” and given that “Iran has refused opportunities to return to the JCPoA twice and has continued to expand its programme beyond JCPoA limitations and without any credible civilian justification,” taking its stockpile of enriched uranium to more than 18 times the amount permitted under the deal.

The ministries at the same time stressed their “commitment to finding a diplomatic solution” and added the decision would be reversed if Iran fully implemented its JCPoA commitments.

A British Foreign Office statement noted that “alongside our French and German partners, we have taken a legitimate and proportionate step in response to Iran’s actions.”

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)