Feeds

'Lab-smashing' Stuxnet HELPED Iran's nuke effort, says brainiac

'No, it didn't' says former Foreign Secretary

Using blade systems to cut costs and sharpen efficiencies

The Stuxnet worm may have actually pushed forward Iran's controversial nuclear programme over the long term.

That's according to a report published by the Royal United Services Institute, an influential defence think tank in the UK.

The infamous worm infected systems at Iran's uranium enrichment facility at Natanz in 2009 and 2010, hobbling high-speed centrifuges after infecting computers connected to SCADA industrial control systems at the plant.

The sophisticated attack, seen as an alternative to a military strike against the facility, is credited with putting Iran's nuclear programme back by between 18 months to two years. The malware worked by infiltrating the SCADA systems used to run the high-speed gas centrifuges. It then randomly, and surreptitiously, speeded them up and slowed them down to induce seemingly random, but frequent, failures.

However, a journal article published by the Royal United Services Institute (RUSI) claims that Iranian authorities redoubled their efforts after Stuxnet was discovered, so that production of fissile material went up - rather than down - a year after the SCADA-busting worm was discovered.

The malware acted as a wake-up call that prompted the Iranians to throw more resources at the nuclear project, bonded personnel together and prompted security audits that uncovered vulnerabilities that might otherwise have gone unnoticed, the Daily Telegraph also noted.

The Obama administration last year leaked its role in developing Stuxnet as part of a wider US-Israeli effort, codenamed Operation Olympic Games, that began under the presidency of George W. Bush. Public revelation of this suspected role thwarted the slim possibility of a diplomatic resolution to Iran's nuclear ambitions, while acting to put the country closer towards a war footing with Israel.

The Washington-based Institute for Science and International Security claimed in February 2011 that Stuxnet likely destroyed about 1,000 IR-1 centrifuges, out of 9,000 deployed at Natanz.

Yet Ivanka Barzashka, an academic at King's College, London, who penned the RUSI article, reckons the initial impact of the worm has been overestimated by those left somewhat awestruck by the effect of the world's first cyber-weapon.

"While Stuxnet may have had the potential to seriously damage Iranian centrifuges, evidence of the worm’s impact is circumstantial and inconclusive," she wrote in the RUSI journal. "Related data shows that the 2009 version of Stuxnet was neither very effective nor well-timed and, in hindsight, may have been of net benefit to Tehran."

Barzashka's analysis is primarily based on publicly available data from the International Atomic Energy Agency (a dedicated “IAEA and Iran” microsite is available here).

Iran decommissioned and replaced about 1,000 high-speed IR-1 centrifuges at its fuel enrichment plant (FEP) at Natanz over just a few months starting late in 2009. But since August 2010 the number of operational machines at Natanz has been "steadily growing", as Barzashka claimed in her piece:

Iran began enrichment to 20 per cent in one IR-1 cascade at the Pilot Fuel Enrichment Plant at Natanz in February 2010, ostensibly to manufacture its own fuel for the Tehran Research Reactor, which is used to produce medical isotopes. This development shows that Iran was able to successfully install and operate new machines in early 2010, between the first and second Stuxnet attack waves. If Stuxnet was the cause of the drop in machine numbers at block A26, it had no effect on Iran's ability to operate and install new IR-1 centrifuges several months later.

The Natanz FEP began operation in February 2007, but prior to Stuxnet could only produce enrichment levels of 3.5 per cent, which is suitable only as low-grade reactor fuel. Barzashka explained that IAEA physical inventory data on the number of centrifuges installed at the Iranian facility are potentially misleading because machines have constantly been installed and upgraded over time.

"Calculations show that performance at the FEP – measured as separative capacity – has increased every year since the beginning of operations in 2007," she writes. "Data for the 2010 reporting period – from 22 November 2009 to November 2010 – are no exception. In fact, uranium-enrichment capacity grew during the time that Stuxnet was said to have been destroying Iranian centrifuges."

Barzashka concluded:

Iran produced more enriched uranium, more efficiently: the entire plant's separative capacity per day increased by about 40 per cent, despite the fluctuations in centrifuge numbers.

In January 2010, Iran was running 1,148 centrifuges fewer than it had operating seven months earlier, in May 2009. In August 2010, IAEA inspectors counted the same number of machines as in August 2008, giving rise to the probable source of the claim that Stuxnet set back Iran's enrichment programme by two years.

Both of these raw figures are misleading, according to the defence analyst.

Barzashka reckons that while Stuxnet might have temporarily slowed Iran, at least in 2009, its operations emerged from the aftermath of the worm leaner and meaner. Its technicians improved centrifuge performance before achieving higher concentrations and greater volumes of enriching uranium than before.

Worse yet, the Iranians are far more wary about - and better prepared to defend against - future cyber-attacks against their nuclear facilities by possible successors to Stuxnet.

"Iran's uranium-enrichment capacity increased and, consequently, so did its nuclear weapons potential," Barzashka wrote. "The malware - if it did in fact infiltrate Natanz - has made the Iranians more cautious about protecting their nuclear facilities,

"The malware did not set back Iran's enrichment programme, though perhaps it might have temporarily slowed down Iran's rate of expansion. Most importantly, Stuxnet or no Stuxnet, Iran's uranium enrichment capacity increased and, consequently, so did its nuclear weapons potential." she concludes.

Former Foreign Secretary Sir Malcolm Rifkind criticised Barzashka's report before stressing that bilateral diplomatic talks between the US and Iran remain the best way to address Iran's nuclear ambitions.

"Part of the objective of many people in the international community has been to stop, or if you can’t stop, to slow down the Iranian nuclear programme," Rifkind, chairman of Parliament's Intelligence and Security Committee told the Telegraph. "In so far as Stuxnet may have done that, and I emphasise may have done that, it was a plus."

"What is undoubted is that it [Stuxnet] significantly slowed down the enrichment process," he added. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.