Iran has officially accused Israel of carrying out the attack on the Natanz Nuclear facility, and pledged revenge, and the Iranian Atomic Energy Authority confirmed that the enrichment of uranium by the facility was not affected, as it announced that it had identified the outlet of the sabotage process and is being searched for, according to what was reported by the Iranian "Noor News" website.
It is clear from this information that Iran is sure that its nuclear facility is exposed to electronic sabotage, and that its official accusation means that it has good information to make the accusation fingers to Israel.
Reports indicate that the accident that occurred in the nuclear facility was caused by the interruption of the electricity network that feeds the new centrifuges, which were installed one day before the failure.
We conclude from the talk of Iranian Foreign Ministry, Saeed Khatib Zadeh, that the accident did not leave human or environmental victims, but he indicated that it could have led to what he described as a disaster and a crime against humanity.
Certainly, the attack is electronic, but how did the executing party, whatever it is, access to the electricity network inside the reactor?Is this done remotely or is it an attack from the inside?
We must point out here that the information available on the nature of the electronic attack and its reasons is not yet clearly available, but according to what the media reported, the attack targeted the electricity network, which resulted in a fire or bombing.
Based on this information, the scenario of the Russian cyberspace on the Ukrainian power plants is more likely in this case.
The Russians used in this attack at the end of 2015 a malicious software called TRISIS or Triton designed to disable the industrial automatic control program known as ICS, which allows industrial facilities to stop working safely in the event of existenceProblems, which is the first attack in the world that targets this system and succeeds.
Safety systems work to prevent unsafe conditions in the facility.When the pressure of gas fuel or the reactor temperature rises to an unsafe limits, for example, these programs are closed automatically or starting cooling operations to prevent accidents that threaten health or life.
The virus, which was used in the recent attack on the Iranian reactor, may be of the quality of the software targeting these systems, which unfortunately was not developed by ordinary pirates, but piracy groups linked to countries.
The "Stuxnet" virus, which is widely believed to be a joint American-Israeli manufacturer, is the most famous in the computers viruses family associated with infrastructure sabotage, which is of the Dodel type.
Computer worm is small, stand -alone programs that are not approved on others made for destructive work, or for the purpose of stealing some data for some users while browsing the Internet, or damaging them or their callers, characterized by the speed of spread and difficult to get rid of them due to its superior ability to color, reincarnation and dodging.
In 2010, Stoxint destroyed the Iranian centrifuges at the Iranian establishment Natanz itself, and the attack came amid fears and tension from the West on the Tehran nuclear program.
The virus removed thousands of centrifuges from work, and although what happened, the analyzes indicated that there was a double agent who used the USB storage unit - Flash - has the virus to infect computer systems, And that was not connected to the Internet to protect it specifically from an external attack from a distance.
Once planted, a sleeping worm remained inside the Natanz computer network until a certain set of conditions was met, then the virus of the malware began to work as soon as the conditions were met, and he changed the symbols in the system, and sent signals to safety systems that make it seem that everything works normally.
Stoxint allowed the centrifuges in Natanz at the time to spin at a much higher rate and without noticing safety systems what is happening, which led to its disruption and exit from the service..
These viruses cannot be introduced to the networks of nuclear installations from the distance, as these facilities are in no way related to the Internet, and there is a special safety network that hunt any unknown entry of the systems, and there are different levels to reach the parts of the computer network network.
Therefore, it is likely that the penetration occurred from the inside, so the executing party only needs a person who has the ability to reach one of the network -related computers to enter the virus, which will remain in the wrong until it is activated, and in the meantime this customer has been able to escape.
One of the Israeli pilots who attacked the Iraqi nuclear reactor in 1981 mentioned what General Eitan told them before their launch..You think you know a lot, but you don't know anything. ".
This specifically, the general, which the general said in hitting the Iraqi reactor 40 years ago by a traditional military operation, did not know the executing pilots anything about the reasons for the operation is exactly what is now being performed from electronic sabotage operations that the countries or the intelligence can not even have that they possess.Modern technology holding a clear and concrete evidence condemning the executing authority.
