Fresh revelations about US involvement in the “Stuxnet” computer virus which damaged an Iranian nuclear facility are likely to complicate the already tense negotiations over Iran’s nuclear programme.
According to a report in the New York Times based on a forthcoming book, President Barack Obama personally ordered the cyberattack on the Iranian nuclear enrichment facility in Natanz in a joint operation with Israel.
Although it has long been widely believed that the US and Israel were behind the 2010 Stuxnet virus, the new details about the Obama administration’s role are likely to add to Iranian mistrust of the US ahead of the next round of negotiations with leading nations over its nuclear programme in three weeks’ time in Moscow.
“The major barrier to any breakthrough in the talks has been the profound lack of trust between the US and Iran,” said Cliff Kupchan, an analyst at Eurasia Group in Washington. “This description is not a game-changer, but it adds to the existing serious obstacles.”
According to Friday’s article, Mr Obama stepped up a project called “Olympic Games” which was started in 2006 under the Bush administration. A spring 2010 virus targeted the Natanz facility and appeared to damage one-fifth of the centrifuges operating there, but after a few months it leaked out into the internet where it became known as Stuxnet.
The report underlines the complicated politics and ethics for the Obama administration of launching such an attack at a time when the US is increasingly worrying about the abilities of other countries to use the techniques of cyberwar against it.
“This is the first attack of a major nature in which a cyberattack was used to effect physical destruction,” Michael Hayden, the former Central Intelligence Agency head, is quoted as saying. “Somebody crossed the Rubicon.”
The revelations come in the same week that security experts have discovered a new virus which has infected computers in Iran and other parts of the Middle East. Known as “Flame”, it is designed to collect information rather than destroy equipment.
Tehran did not react to the New York Times story on Friday. However, the report of US and Israeli involvement in the cyberattack could give more credibility to Iranian claims that the two countries were also behind the assassination of at least four nuclear scientists.
It could also strengthen the Islamic regime’s suspicions that the US and Israel are in much closer agreement than is often thought about the possibility of an Israeli strike on Iran. “It is a lie that the US is against an attack on Iran and Israel may do it on its own,” said one former Iranian official this week. “If Israel attacks the nuclear sites, Iran’s retaliation would be first against the US because Israel is in no place to act without the US permission.”
While former president Akbar Hashemi-Rafsanjani said last week for the second time in recent months that Tehran could not be hostile to the US for ever, Iranian analysts believe Ali Khamenei, Iran’s supreme leader, still believes Washington is using the nuclear issue to push the broader goal of regime change. He has urged politicians not to be fooled by “smiles” – a clear reference to Mr Obama.
However, Iranian anger over the attack has been tempered by the fact that Stuxnet largely failed in its efforts and the Iranian nuclear programme has quickly made up lost ground.
Although the new revelations come at a delicate time for the nuclear talks with Iran, which the Obama administration is keen to continue and would not want to see collapse in the middle of an election campaign, they could offer some domestic political upside. The fact that Mr Obama stepped up the Bush-era cyberwar programme will help counter Republican attacks that his administration has been too soft on Iran.
However, they complicate US efforts to criticise the cyber activities of other governments. In an unusually blunt report issued last year by US intelligence agencies, the Obama administration said that massive cyberespionage operations by China and Russia posed a “significant and growing threat” to US national security, yet other countries often view US complaints as hypocritical given its own cyber activities.
By Geoff Dyer iand James Blitz
@ The Financial Times