Israel Hayom talks to experts in cyber security and nuclear defenses about the electrical “malfunction” at Iran’s Natanz facility. Was it a move designed to scare Tehran, an attack that targeted something much bigger, or merely user error at the local level?
Was the power failure at Iran’s Natanz nuclear facility on Sunday morning an accident, or sabotage? Was it a cyberattack? Israel Hayom approached experts for their take on the as-yet unexplained incident.
Arik Barbing, former head of the Shin Bet security agency’s cyber department, explained that apparently, Sunday’s incident was designed to create fear, and not expose any Israeli operational capabilities.
“Any facility the size of an active nuclear reactor is a very complex one that includes a lot of parts and requires a lot of support. There are large systems that ultimately, whether you want it or not, depend on external suppliers. Whether it’s the high-tension electrical system, suppliers of air conditioners, or any other infrastructure, even control of the gates,” Barbing says.
“A nuclear reactor is such a big building and system that it will never be a ‘state within a state’ and it will always have weak points. Now what is happening is that some administrative supplier is being attacked, and chaos ensures. It also sends the other side a message that says: We’re here, we’re with you, we know perfectly well what you’re doing behind closed doors. It has a huge psychological effect,’ Barbing continues.
Barbing said that a similar action could be carried out in Israel.
“Let’s say that the Kirya [military headquarters] in Tel Aviv has a 14-story building, and all of a sudden I shut down air conditioners on the 4th and 5th floors. I’m not saying that anything like that has happened, but that it could, and the message to Israel will be clear.
“Similarly, I can get to the nuclear reactor at Nahal Sorek and bring down a high-tension wire that leads to it. The message to Israel will get through loud and clear,” he explains.
When asked what strategy underlies acts like these, Barbing says, “These are ‘soft blows,’ like what happened with the ships. The Iranians haven’t sunk any Israeli ship and Israel hasn’t sunk any Iranian ship. Both sides are fighting at a low level of power, understanding the other side and preserving a balance that won’t dictate a response.
“Therefore, I assume that there was no real damage to the Natanz reactor. But the ‘coincidence’ of the Iranian announcement about increasing its nuclear capabilities and this malfunction indicate that some entity was sending a quiet message warning them [the Iranians] not to cross a certain line.”
“It’s a strong message that essentially says, ‘Right now I just shut off the electricity, but I can do a lot more.’ It’s a message that creates pressure and is well understood. The Iranians obviously know that they are vulnerable.”
Barbing says that every action of this type entails a “certain risk.”
“Because it’s possible that it could expose a dangerous weapon that we are keeping for a real war. But world powers usually know how to deal a blow without their action being revealed, they do so through proxy groups on the dark web and in ways that keep them from being exposed to stronger capabilities. But every action like this carries a certain element of risk,” he says.
Cyber expert Menny Barzilay, a member of the Yuval Ne’eman Workshop for Science, Technology, and Security at Tel Aviv University, thinks that a complex attack that targets a nuclear reactor rather than some other nearby facility was perpetrated to do more than cause a power outage.
Barzilay says that either a more significant target was damaged, or the incident was caused by local saboteurs or was even a genuine error on the Iranians’ part.
“First of all, the generator and electrical systems of a nuclear reactor are a very well-defended system, separate from the general electrics, so it’s not as if you bring down all the electricity in an area and hurt the reactor, too,” Barzilay says.
“Even if you cut of the electricity of an entire area, it won’t make any difference to the reactor’s activity because it has its own internal, independent systems. So if someone got to the reactor alone it’s a more precise capability than just an attack.”
“If it was a cyberattack on the reactor itself, it was done by someone who was on the premises and brought an attack tool into the system programs themselves, a tool that was dormant. Either that, or the malfunction was preprogrammed into the system hardware ahead of time.
“In other words, if it was an attack, it wasn’t a remote cyberattack, it was some entity inserted into the system or an attack tool that was implemented from close range that was capable of connecting to the smart generators of a facility like this and shutting down the entire electrical system,” Barzilay observes.
Barzilay explains that the capabilities in play there would be so complicated that agents would have to be put in on the ground.
“This isn’t a tactic that you use to scare the Iranians, but one you use to cause real damage to the site. So if this was an attack, the Iranians aren’t saying what was damaged, they’re glossing over it. Because if this was just an electrical malfunction, I doubt that we’re talking about an attack by a foreign actor because it entails the exposure extremely extensive and powerful capabilities, for no real purpose.”
Nations don’t carry out such high-precision “scare tactics,” because doing so would burn “very unique” capabilities that they would rather keep secret, Barzilay adds.
Dr. Col. (res.) Ori Nissim Levy, an expert in nuclear defense and chairman of the nuclear forum WNF-193.com, explains that an electrical malfunction does not cause any damage to the facility, but discomfits the Iranians.
“Mainly, an electric outage forces the Iranians to turn everything off and start it again. So if it was a power outage, it’s just a general threat, nothing bigger,” he says.
Levy is of the opinion that the incident appears to be a step designed to “frighten, nothing more.”
Either way, he says, a centrifuge creates a gram of nuclear material per year, so a facility that houses 10,000 centrifuges manufactures 10 kg. (22 pounds) of nuclear material per year.
“In effect, the Iranians have a lot more centrifuges, so we can assume that Natanz alone could make a bomb every two years – and of course, there are other facilities. At the moment, at least, it doesn’t look as if whoever shut off the electricity wanted to damage the reactor, but just wanted to make them uncomfortable,” Levy says.