First in a three-part series
For years, the United States has been trying to stop Iran's nuclear program and change what it says is Iran's bad behavior in the Middle East and beyond.
The United States has used economic sanctions, censure by the United Nations, diplomatic engagement and the threat of military action to accomplish these goals — all with little or no success.
At the same time, other, unacknowledged activities have been under way. They have included cyberattacks, assassinations and defections. As it turns out, these efforts have had some success.
'A Covert War'
Covert action is meant to stay just that — covert, clandestine, in the shadows.
And in Iran, it did, for quite some time. But in the last year, much has become known about intelligence operations in Iran, says Bruce Riedel, a former CIA official who is now an analyst with the Saban Center at the Brookings Institution.
"There's little doubt that there's a covert war under way against Iran," he says. "There are at least two players in it: the United States and Israel."
And often, it appears, those players work together.
That was especially true with the Stuxnet worm. The computer virus, apparently developed in Israel with the help of the CIA, was launched in 2009. Sometime the following year, the worm found its way into the computers that control Iran's most important nuclear facility, the uranium enrichment operation at Natanz.
The worm told the gas centrifuges that enrich uranium to spin too fast. Many broke and destroyed other centrifuges — nearly a thousand of them.
The impact of the worm spread even wider, says Muhammad Sahimi, a professor at the University of Southern California who writes for the website Tehran Bureau.
"In fact, not only it destroyed a thousand centrifuges at Natanz — it also forced the government to actually shut down the enrichment facility for a few days," Sahimi says.
That was last year. Computer security companies got wind of it, in part because it may also have affected companies and equipment outside of Iran. And the story became public.
Other Viruses On The Way?
Computer security experts believe the original worm was programmed to mount multiple attacks. That may have occurred, but only up to a point, says David Albright, head of the Institute for Science and International Security in Washington.
"This idea of multiple destruction was built into the planning of the program, and Iran thwarted it just by the simplest of steps — which is panic and shut down everything until you get a sense of what's going on," he says.
Given the success of the Stuxnet worm, it's likely its creators may be constructing Stuxnet 2.0 right now — or other viruses targeting Iran.
Iran may have had to buy new computers to replace those that were affected, and it can't be sure that new computers won't be sabotaged.
In fact, nothing that Iran buys on the international market that could be used in its nuclear program is safe from sabotage, Sahimi says.
"To say the least, probably the uncertainty whether there is a virus somewhere that they haven't detected, that causes a lot of problems for them," he says.
Among those problems, the Russians who are finishing the Bushehr nuclear reactor — Iran's first — stopped their work to ascertain whether it had been infected with the worm.
And this worm isn't the first instance of sabotage, Albright says.
"It's one of many efforts that I think are under way to try to constrain Iran from being able to basically, in a sense, either outfit its centrifuge program or to try to actively disrupt it and break things," he says.
Among the parts of the centrifuges that have been sabotaged, according to Albright, are motors and vacuum pumps. Inspectors from the International Atomic Energy Agency discovered equipment at Iran's nuclear facilities that had passed through one of the U.S. national laboratories, Albright says.
"So you had a case where the U.S. government, at least, what it was doing was buying equipment on the open market and apparently modifying it in some way," he says.
Then the equipment was apparently delivered to front companies that in turn sold it to Iran.
It could have been used for sabotage, or if it was bugged equipment, it could provide information on the location of secret nuclear facilities in Iran.
In any case, Iran's leaders are certainly worried about what they might face next, says Riedel of the Brookings Institution.
"One of the benefits of these kind of programs is that over time it builds paranoia and fear inside the Iranian nuclear program — that they have to be extremely careful that anything they buy may turn out to be a self-destructive pill once it's ingested inside the Iranian program," Riedel says.
In fact, just last week, one of Iran's key nuclear officials disclosed that another computer virus had hit Iran.
The Iranians are calling it the "Stars" virus. They say they have taken care of it.
So far its existence has not been confirmed by computer security specialists outside of Iran. Nevertheless, the effort to sabotage Iran's nuclear program, through cyberattacks or other methods, is certain to continue.