Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customise your settings, hit “Customise Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences

  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.
Sign in

Thinktank: 'Lab-smashing' Stuxnet helped Iran's nuke effort

'No, it didn't' says former Foreign Secretary

John Leyden Tue 21 May 2013 // 08:31 UTC

The Stuxnet worm may have actually pushed forward Iran's controversial nuclear programme over the long term.

That's according to a report published by the Royal United Services Institute, an influential defence think tank in the UK.

The infamous worm infected systems at Iran's uranium enrichment facility at Natanz in 2009 and 2010, hobbling high-speed centrifuges after infecting computers connected to SCADA industrial control systems at the plant.

The sophisticated attack, seen as an alternative to a military strike against the facility, is credited with putting Iran's nuclear programme back by between 18 months to two years. The malware worked by infiltrating the SCADA systems used to run the high-speed gas centrifuges. It then randomly, and surreptitiously, speeded them up and slowed them down to induce seemingly random, but frequent, failures.

However, a journal article published by the Royal United Services Institute (RUSI) claims that Iranian authorities redoubled their efforts after Stuxnet was discovered, so that production of fissile material went up - rather than down - a year after the SCADA-busting worm was discovered.

The malware acted as a wake-up call that prompted the Iranians to throw more resources at the nuclear project, bonded personnel together and prompted security audits that uncovered vulnerabilities that might otherwise have gone unnoticed, the Daily Telegraph also noted.

The Obama administration last year leaked its role in developing Stuxnet as part of a wider US-Israeli effort, codenamed Operation Olympic Games, that began under the presidency of George W. Bush. Public revelation of this suspected role thwarted the slim possibility of a diplomatic resolution to Iran's nuclear ambitions, while acting to put the country closer towards a war footing with Israel.

The Washington-based Institute for Science and International Security claimed in February 2011 that Stuxnet likely destroyed about 1,000 IR-1 centrifuges, out of 9,000 deployed at Natanz.

Yet Ivanka Barzashka, an academic at King's College, London, who penned the RUSI article, reckons the initial impact of the worm has been overestimated by those left somewhat awestruck by the effect of the world's first cyber-weapon.

"While Stuxnet may have had the potential to seriously damage Iranian centrifuges, evidence of the worm’s impact is circumstantial and inconclusive," she wrote in the RUSI journal. "Related data shows that the 2009 version of Stuxnet was neither very effective nor well-timed and, in hindsight, may have been of net benefit to Tehran."

Barzashka's analysis is primarily based on publicly available data from the International Atomic Energy Agency (a dedicated “IAEA and Iran” microsite is available here).

Iran decommissioned and replaced about 1,000 high-speed IR-1 centrifuges at its fuel enrichment plant (FEP) at Natanz over just a few months starting late in 2009. But since August 2010 the number of operational machines at Natanz has been "steadily growing", as Barzashka claimed in her piece:

Iran began enrichment to 20 per cent in one IR-1 cascade at the Pilot Fuel Enrichment Plant at Natanz in February 2010, ostensibly to manufacture its own fuel for the Tehran Research Reactor, which is used to produce medical isotopes. This development shows that Iran was able to successfully install and operate new machines in early 2010, between the first and second Stuxnet attack waves. If Stuxnet was the cause of the drop in machine numbers at block A26, it had no effect on Iran's ability to operate and install new IR-1 centrifuges several months later.

The Natanz FEP began operation in February 2007, but prior to Stuxnet could only produce enrichment levels of 3.5 per cent, which is suitable only as low-grade reactor fuel. Barzashka explained that IAEA physical inventory data on the number of centrifuges installed at the Iranian facility are potentially misleading because machines have constantly been installed and upgraded over time.

"Calculations show that performance at the FEP – measured as separative capacity – has increased every year since the beginning of operations in 2007," she writes. "Data for the 2010 reporting period – from 22 November 2009 to November 2010 – are no exception. In fact, uranium-enrichment capacity grew during the time that Stuxnet was said to have been destroying Iranian centrifuges."

Barzashka concluded:

Iran produced more enriched uranium, more efficiently: the entire plant's separative capacity per day increased by about 40 per cent, despite the fluctuations in centrifuge numbers.

In January 2010, Iran was running 1,148 centrifuges fewer than it had operating seven months earlier, in May 2009. In August 2010, IAEA inspectors counted the same number of machines as in August 2008, giving rise to the probable source of the claim that Stuxnet set back Iran's enrichment programme by two years.

Both of these raw figures are misleading, according to the defence analyst.

Barzashka reckons that while Stuxnet might have temporarily slowed Iran, at least in 2009, its operations emerged from the aftermath of the worm leaner and meaner. Its technicians improved centrifuge performance before achieving higher concentrations and greater volumes of enriching uranium than before.

Worse yet, the Iranians are far more wary about - and better prepared to defend against - future cyber-attacks against their nuclear facilities by possible successors to Stuxnet.

"Iran's uranium-enrichment capacity increased and, consequently, so did its nuclear weapons potential," Barzashka wrote. "The malware - if it did in fact infiltrate Natanz - has made the Iranians more cautious about protecting their nuclear facilities,

"The malware did not set back Iran's enrichment programme, though perhaps it might have temporarily slowed down Iran's rate of expansion. Most importantly, Stuxnet or no Stuxnet, Iran's uranium enrichment capacity increased and, consequently, so did its nuclear weapons potential." she concludes.

Former Foreign Secretary Sir Malcolm Rifkind criticised Barzashka's report before stressing that bilateral diplomatic talks between the US and Iran remain the best way to address Iran's nuclear ambitions.

"Part of the objective of many people in the international community has been to stop, or if you can’t stop, to slow down the Iranian nuclear programme," Rifkind, chairman of Parliament's Intelligence and Security Committee told the Telegraph. "In so far as Stuxnet may have done that, and I emphasise may have done that, it was a plus."

"What is undoubted is that it [Stuxnet] significantly slowed down the enrichment process," he added. ®

30 Comments

Other stories you might like

  • Apple iOS privacy clampdown 'did little' to reduce tracking
    Double-standard rules have strengthened iGiant's gatekeeper power
    Thomas Claburn in San Francisco Fri 8 Apr 2022 // 21:06 UTC

    Apple's ramp up in iOS privacy measures has affected small data brokers, yet apps can still collect group-oriented data and identify users via device fingerprinting, according to a study out of Oxford.

    What's more, the researchers claim, Apple itself engages in and allows some forms of tracking, which serve to strengthen its control over the iOS market.

    In a paper titled, "Goodbye Tracking? Impact of iOS App Tracking Transparency and Privacy Labels," due to be published in June for the ACM Conference on Fairness, Accountability, and Transparency 2022, Oxford academics Konrad Kollnig, Max Van Kleek, Reuben Binns, and Nigel Shadbolt, with independent US-based researcher Anastasia Shuba, describe what they found after analyzing 1,759 iOS apps from the UK App Store, both before and after the introduction of iOS 14.

    Continue reading
  • Microsoft dogs Strontium domains to stop attacks on Ukraine
    Software giant sinkholes systems used by Russian gang
    Jeff Burt Fri 8 Apr 2022 // 20:29 UTC

    Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU, apparently to support Russian's invasion of its neighbor.

    The seizure is also part of a long-running legal and technical hunt by Microsoft to disrupt the work of Strontium – aka APT28 and FancyBear, among other names – via an expedited court process that enables the company to quickly get judicial approval for such actions, according to Tom Burt, corporate vice president of customer security and trust at Microsoft.

    Before the latest seizures, Microsoft had used this process 15 times to take over more than 100 domains controlled by Strontium, which is thought to be run by the GRU, Russia's foreign military intelligence agency. Microsoft obtained a court order for the most recent operation on April 6 and acted immediately.

    Continue reading
  • Newly released Space Force data could save life on Earth
    Goodness, gracious, lots of insights on great balls of fire
    Brandon Vigliarolo Fri 8 Apr 2022 // 20:04 UTC

    The US Space Force is publicly releasing nearly 30 years of data on fireball meteors in the hopes it can improve the detection and impact prediction of near-Earth objects (NEOs).

    The data contains information on bolides, classified as any meteor that has enough mass to become a fireball but not enough to cause a ground impact, several dozen of which happen each year.

    Data from NASA on bolides is publicly available, but the Space Force is adding light curve data to the mix, which the agency said has been greatly sought by the scientific community.

    Continue reading

Biting the hand that feeds IT © 1998–2022

Your Consent Options Cookies Privacy Ts&Cs