Natanz ‘sabotage’ highlights Iran’s vulnerability to cyber-attacks

Analysis: Apparent attack by Israel is a reminder of the weaknesses of industrial control systems

The apparent attack by Israel on Iran’s nuclear enrichment facility appears to be the latest episode in an increasing tit-for-tat cyberwar. Both sides have already targeted so-called industrial control systems [ICS], which have emerged as a key weakness for countries across the globe.

While Iran described the latest attack as “sabotage”, Israeli media called it a cyber-attack.

The vulnerability of ICS systems, and similar so-called “operating technology” used in industrial processes and large infrastructure plants – from electrical grids, to steel, chemical and water treatment plants – was demonstrated more than a decade ago by revelation of the US-Israeli Stuxnet malware attack on the Natanz plant.

Since the emergence of the Stuxnet virus, attempts to hack and exploit ICS systems have emerged as one of the most dangerous and contested frontlines in cyberwarfare around the world, with officials in the Biden administration last week revealing a planned executive order to beef up US defences.

The appeal of cyber-attacks via operational technology is that – unlike more conventional hacking to steal data – they are aimed at a physical impact, whether a power blackout, water contamination or causing systems to overrun and become damaged, even explode.

Iran, whose nuclear efforts have historically relied on Siemens industrial control technology, one of the gateways attacked by Stuxnet, is particularly vulnerable to these kinds of attack because of embargos on the transfer of technology that could be used in the programme to protect control systems.

In 2010, Stuxnet was among the most sophisticated malware ever detected, reportedly damaging as many as one-fifth of the nuclear centrifuges in Iran.

That attack, however, led Iran to develop its own ability for cyber-attacks on critical infrastructure led by a group of hackers known as APT33, which has recently shifted its interest from IT networks to ICS.

Last year, Israeli media blamed Iranian hackers for two attacks on water treatment plants in the country.

While attacks like the latest at Natanz have inevitably grabbed the headlines, they are only the most obvious evidence of a continuing cyber conflict.

Last autumn, an Iranian news agency reported cyber-attacks had hit the electronic infrastructure of the country’s ports. An official said: “Sworn enemies have been trying for some time to carry out cyber-attacks.”

While a report by researchers at Tenable two years ago suggested that countries had become better at protecting infrastructure against the threat of attacks similar to Stuxnet, they still found numerous vulnerabilities in ICS systems.

Contributor

Peter Beaumont

The GuardianTramp

Related Content

Article image
Natanz nuclear plant attack ‘will set back Iran’s programme by nine months’
US intelligence sources believe Israel was behind Saturday’s cyber-attack on heavily guarded facility

Patrick Wintour Diplomatic editor

12, Apr, 2021 @5:11 PM

Article image
‘Cyber-attack’ hits Iran’s transport ministry and railways
Message boards in train stations show cancellations though rail operator denies disruptions

Staff and agencies

11, Jul, 2021 @12:51 AM

Article image
Iran’s failure to explain uranium traces is ‘big problem’, says IAEA chief
UN nuclear inspectorate chief asks Tehran to ‘come clean’ about uranium found at three sites

Patrick Wintour Diplomatic editor

26, May, 2021 @10:02 AM

Article image
Ex-Mossad chief signals Israel culpability for Iran attacks
Yossi Cohen reveals details of Iran nuclear programme attacks in interview timed to support Netanyahu

Peter Beaumont

11, Jun, 2021 @1:15 PM

Article image
Cyberwar on Iran more widespread than first thought, say researchers
Study of Flame malware used in Middle East and north Africa reveals programmers probably had national backing

Peter Beaumont

21, Sep, 2012 @12:05 PM

Article image
Iranian scientist's death only the latest in long line of attacks blamed on Israel
The Middle East is on edge as the Trump administration enters its final weeks

Oliver Holmes, Jerusalem correspondent

27, Nov, 2020 @6:11 PM

Article image
US charges seven Iranian hackers over cyber-attacks on banks
Department of Justice indicts hackers linked to Iran government for disrupting computer systems in first shift in US-Iranian relations since nuclear treaty

Danny Yadron in San Francisco and Saeed Kamali Dehghan in London

24, Mar, 2016 @4:32 PM

Article image
EU tells Iran it will try to protect firms from US sanctions
EU stays in nuclear deal but official warns there is ‘no one magic option’ over trade after US withdrawal

Patrick Wintour and Jennifer Rankin in Brussels

15, May, 2018 @11:47 AM

Article image
EU rushes to arrange crisis meeting with Iran over nuclear deal
Foreign ministers attempt to soothe fears after Trump threatens to hit European businesses trading with Tehran

Patrick Wintour diplomatic editor, and Julian Borger in Washington

09, May, 2018 @5:24 PM

Article image
Iran's leader lambasts Trump over US exit from nuclear deal
Conservatives in Iran seize on chance to consolidate power over reformists who championed pact

Saeed Kamali Dehghan Iran correspondent

09, May, 2018 @8:28 AM