Did Stuxnet Actually Improve Iran’s Nuclear Capabilities?
Friedrich Nietzsche is credited with the old saying: “That which does not kill us makes us stronger.” Today there’s an interesting report concerning Stuxnet and the Iranian nuclear research program that is proving it.
The U.K.’s Telegraph has a story today on a report in a British academic journal, arguing that the Stuxnet malware used to attack and sabotage Iranian nuclear enrichment sites in 2010 may have had the net effect of helping Iran get better at enriching uranium.
Stuxnet, you’ll recall, is the most famous of a series of cyber weapons said to have been used by the U.S. and Israel in a series of joint operations meant to sabotage and delay the ability of Iranian nuclear scientists to enrich uranium and eventually build a nuclear bomb.
Never officially acknowledged by either the U.S. or Israel, the Stuxnet source code was taken apart by computer-security researchers who determined that only a motivated government could have the resources to build it. And the only motivated governments in the world with sufficient know-how are the U.S. and Israel, their argument went. The New York Times finally all but proved them right.
Using data gathered from the International Atomic Energy Agency, King’s College researcher Ivanka Barzashka concluded that the Stuxnet attacks exposed weaknesses in Iranian systems that would otherwise have gone undetected, and which have since been patched. Since then, she said, Iran has regrouped and actually boosted its capacity to enrich uranium.
The story goes that the Stuxnet worm was introduced in 2009 via a series of USB drives dropped by intelligence operatives near a targeted facility at Natanz. The worm penetrated computers running pretty much any variant of Microsoft’s Windows, looking for a specific set of machines hooked up to a series of Siemens programmable logic controllers — computers that sit between desktop PCs and industrial equipment like, say, nuclear centrifuges.
What it did was show operators a screen depicting centrifuges running normally, while at the same time issuing commands to those centrifuges to spin too fast. Ultimately, several of them exploded. The estimate at the time was that Iran’s nuclear efforts had been set back by two years. It has now been four years since that attack was alleged to have taken place. If Barzashka’s findings are confirmed — and that’s admittedly not going to be easy — it would raise some serious questions about whether or not the Stuxnet attacks were such a good idea in the first place.