Photo Credit: Pixabay

The Middle East is witnessing a new form of kinetic cyber warfare that has dramatically set back Iran’s nuclear program. Dr. Stephen Bryen, former Reagan era Deputy Under Secretary of Defense for Technology and Security, noted military technologist and Asia Times columnist calls it “Son of Stuxnet”. That is a reference to the joint US-Israel malworm virus attack in 2009 -2010 on the Natanz enriched uranium cascade facility that destroyed an estimated 1,000 of 5,000 centrifuges. The difference this time was the cyber-attacks may have generated explosions.
Natanz was hit on July 2, 2020 by an explosion that destroyed the equipment and facilities for producing the current generation of advanced centrifuges. That according to David Albright of the Washington, DC-based Institute for Science and International Security (ISIS) may have set back Iran’s nuclear weapons development by 2 plus years and even longer.

Bryen said that this round of cyber kinetic warfare was initiated “when Iran cyberattacked Israel’s water supply system on April 24 and 25, 2020. The water facility attack was intended to release large amounts of poisonous chlorine into Israel’s water delivery infrastructure, potentially poisoning tens of thousands of Israelis. Israel responded by temporarily disabled the Iranian Shahid Rajaee port (Bandar Abbas) in the Straits of Hormuz.”


More explosive events followed in late June and the first two weeks of July. Bryen noted these events:

• On June 26, a building in the solid fuel assembly plant of the Khojir Missile facility, which also deals with nuclear warhead designs, exploded with such force that it was seen 70 Kms. away. At the same time, an explosion and fire destroyed the power plant servicing the city of Shiraz, plunging it into darkness.
• On June 30, explosions ripped through the sub-basement levels of the Sinna medical center in Tehran killing 13.
• On July 2, an explosion, claimed by an unknown opposition group, the Panthers of the Nation, ripped apart the new centrifuge assembly building in the Natanz nuclear center. The Iranian regime has all but admitted this is a major setback to its enrichment program. The same night, a major complex exploded and burned in Shiraz.
• On July 3, an enormous fire erupted in the northwest part of Shiraz in an unknown location and facility. The same night, another large fire destroyed an unknown facility in Salmas near Tehran.
• On July 4, a fire and explosion in southwest Iran in the predominantly Sunni Arab province of Ahvaz destroyed the power plant. At about the same time, the Karoun Petrochemical plant failed and released what was claimed to be chlorine gas sending about six dozen to the hospital.
• Early on July 7, a powerful explosion engulfed a warehouse or factory of unknown use in Beqarshahr south of Tehran. This is the same vicinity in which the Israelis two years ago seized Iran’s nuclear archives, namely Turouzabad- Kahrizak, and in which Israel and the IAEA suspect also was a major nuclear warehouse.

Bryen said the most significant cyber kinetic attack was against the Natanz centrifuge production facility. That was borne out in the post attack damage assessment made by ISIS. It concluded: “Although the explosion and fire at the Iran Centrifuge Assembly Center does not eliminate Iran’s ability to deploy advanced centrifuges, its destruction must be viewed as a major setback to Iran’s ability to deploy advanced centrifuges on a mass scale for years to come. “This was a crown jewel of their program,” Albright of ISIS said.

The implications are significant. Note what renowned Middle East Expert David Wurmser said in a Bloomberg article by Eli Lake: “The more Iran’s government looks impotent, and the impression is left the Israelis are everywhere, the more high-level Iranian officials will calibrate their survival by cooperating with Americans or Israelis, which itself creates an intelligence bonanza”.

Here are some of the takeaways from the Bryen interview.

Vulnerability of Israeli and US Critical Infrastructure.

US and Israeli water, power, petroleum and gas processing, and manufacturing systems rely on the use of the (Supervisory Control and Data Acquisition) SCADA systems which are vulnerable to cyber-attack.
In 2016, Iran cyber warriors attacked controls on a water dam reservoir in suburban Westchester County, New York. Attacks on the national electrical grid in California in 2014 demonstrated its susceptibility to terrorist and cyber-attacks. Bryen said these attacks by a state sponsor of terrorism could be a “causus belli”.

Importance of Plausible deniability in Cyber Warfare.

Bryen suggests that Israel has been “brilliant” in conducting sophisticated covert and cyber kinetic operations by using in-country assets and highly trained commandos to set up ‘sleeper’ explosions. This was amplified in remarks by former Vice Chief of Staff and Fox News Analyst General Jack Keane: “Keane thought the alleged strikes were ‘a smart strategy’ on the part of Israel. If you accept the objective that we don’t want Iran to have nuclear weapons with missiles that can deliver them, then the strategy the Israelis are doing, likely with at least the moral support of the US, is fairly savvy because it gives the Israelis deniability,” he explained.

The Footprints of Israel in the original Stuxnet.

The 2009-2010 Stuxnet malworm virus, Bryen noted, was imported into the Natanz facility, and spread by “Bluetooth” infecting the Siemens PCS-7 SCADA and programmable controllers that spun the centrifuges out of control. In the encrypted code of Stuxnet was the term ‘My RTUs” meaning Myrtle- the Hebrew for Hadassah or Esther. There was also the code that triggered the spinning of centrifuges out of control: 19790509. That was the date of the execution of the leader of the Iranian Jewish community, Habib Elghanian, the head of the Tehran Persian Jewish Community. His death started the large wave of Iranian Jewish immigration.

Also discussed in the Bryen interview was the parallel launch of the Israeli Ofek16 satellite with more powerful cameras and sensors to provide intelligence on Iranian and proxy threats in the region. Bryen noted the success of an Alaska test of the Israeli Arrow ABM system able to attack ICBMs during launch phase which he gave a “B+” rating versus a poor one for the US Ground Based Mid-Course Interceptors.