Natanz ‘sabotage’ highlights Iran’s vulnerability to cyber-attacks
The apparent attack by Israel on Iran’s nuclear enrichment facility appears to be the latest episode in an increasing titfor-tat cyberwar. Both sides have already targeted so-called industrial control systems [ICS], which have emerged as a key weakness for countries across
While Iran described the latest attack as “sabotage”, Israeli media called it a cyber-attack.
The vulnerability of ICS systems, and similar so-called “operating technology” used in industrial processes and large infrastructure plants – from electrical grids, to steel, chemical and water treatment plants – was demonstrated more than a decade ago by revelation of the US-Israeli Stuxnet malware attack on the Natanz plant.
Since the emergence of the Stuxnet virus, attempts to hack and exploit ICS systems have emerged as one of the most dangerous and contested frontlines in cyberwarfare around the world, with officials in the Biden administration last week revealing a planned executive order to beef up US defences.
The appeal of cyber-attacks via operational technology is that – unlike more conventional hacking to steal data – they are aimed at a physical impact, whether a power blackout, water contamination or causing systems to overrun and become damaged, even explode.
Iran, whose nuclear efforts have historically relied on Siemens industrial control technology, one of the gateways attacked by Stuxnet, is particularly vulnerable to these kinds of attack be