Iranian President Masoud Pezeshkian, in power since July and a supporter of dialogue with Western countries, has said he wants to remove “doubts and ambiguities” about his country’s nuclear programme. File.
| Photo Credit: Reuters

Iran said on Sunday (November 24, 2024) that it would hold nuclear talks in the coming days with the three European countries that initiated a censure resolution against it adopted by the UN’s atomic watchdog.

Foreign ministry spokesman Esmaeil Baghaei said the meeting of the Deputy Foreign Ministers of Iran, France, Germany and the United Kingdom would take place on Friday, without specifying a venue.

Also read | Taking stock of global nuclear disarmament

“A range of regional and international issues and topics, including the issues of Palestine and Lebanon, as well as the nuclear issue, will be discussed,” the spokesman said in a foreign ministry statement.

Mr. Baghaei described the upcoming meeting as a continuation of talks held with the countries in September on the sidelines of the annual session of the UN General Assembly in New York.

On Thursday, the 35-nation board of governors of the UN’s International Atomic Energy Agency (IAEA) adopted a resolution denouncing Iran for what it called a lack of cooperation.

The move came as tensions ran high over Iran’s atomic program, which critics fear is aimed at developing a nuclear weapon — something Tehran has repeatedly denied.

It also came after IAEA head Rafael Grossi returned from a trip to Tehran, where he appeared to have made headway.

During the visit, Iran agreed to an IAEA demand to cap its sensitive stock of near weapons-grade uranium enriched up to 60% purity.

In response to the resolution, Iran announced it was launching a “series of new and advanced centrifuges”.

Centrifuges enrich uranium transformed into gas by rotating it at very high speed, increasing the proportion of fissile isotope material (U-235).

“We will substantially increase the enrichment capacity with the utilisation of different types of advanced machines,” Behrouz Kamalvandi, Iran’s atomic energy organisation spokesman, told state TV.

The country, however, also said it planned to continue its “technical and safeguards cooperation with the IAEA”.

Iranian President Masoud Pezeshkian, in power since July and a supporter of dialogue with Western countries, has said he wants to remove “doubts and ambiguities” about his country’s nuclear programme.

In 2015, Iran and world powers reached an agreement that saw the easing of international sanctions on Tehran in exchange for curbs on its nuclear program.

But the United States unilaterally withdrew from the accord in 2018 under then-president Donald Trump and reimposed biting economic sanctions, which prompted Iran to begin rolling back on its own commitments.

Tehran has since 2021 decreased its cooperation with the IAEA by deactivating surveillance devices monitoring the nuclear programme and barring UN inspectors.

At the same time, it has increased its stockpiles of enriched uranium and the level of enrichment to 60 percent.

That level is close, according to the IAEA, to the 90%-plus threshold required for a nuclear warhead, and substantially higher than the 3.67% limit it agreed to in 2015.

New Delhi:

It’s June, 2009. The streets of Tehran have erupted in protests over the results of a presidential election. The incumbent Mahmoud Ahmadinejad has emerged victorious with an overwhelming majority against Mir-Hossein Mousavi. Protesters alleged a fraudulent victory. Among them is a woman named Neda Agha-Soltan, who on her way to join the main protests, parked her car at some distance from the gathering and stepped out as the vehicle’s air conditioner was not working. As she breathed in the fresh air, a sniper belonging to a government-funded militia took aim and shot her square in the chest. She was dead.

While this was unfolding in Tehran, around 300 kilometres to the south at the Natanz nuclear facility, the heart of Iran’s nuclear program – ‘strange’ things were happening. Just days after Neda’s death, the CIA reportedly received approval to initiate a cyber operation against this facility. The operation involved uploading a sophisticated piece of malware, known as Stuxnet, directly onto Iranian hardware. This malware had been in development for years, a collaborative effort between the United States and Israel, and represented the world’s first digital weapon.

Stuxnet: The Genesis

Stuxnet was not a new presence in Iran’s nuclear infrastructure; it had been causing disruptions for years. However, this new version was designed to deliver a decisive blow. 

The story of Stuxnet’s development and deployment began years earlier. The inception of Stuxnet can be traced back to the early 2000s, during a period of heightened tension between Iran and Western nations over Iran’s nuclear ambitions. The Bush administration, concerned about Iran’s potential to develop nuclear weapons, sought unconventional methods to impede Tehran’s progress. Thus, the covert operation codenamed ‘Olympic Games’ was born. This initiative, involving close collaboration between the CIA, the NSA, and Israel’s Mossad, aimed to create a digital weapon capable of physically disrupting Iran’s nuclear enrichment capabilities.

Stuxnet was not an ordinary piece of malware. Its design reflected a level of sophistication unprecedented in the realm of cyber weapons. The malware targeted Siemens Step7 software, used to control industrial equipment, specifically focusing on the centrifuges at Iran’s Natanz uranium enrichment facility. These centrifuges, essential for enriching uranium, operated at high speeds and required precise control to function correctly.

Stuxnet: The Execution

The US built a replica of Iran’s nuclear facility in its Oak Ridge facility in the state of Tennessee, where they meticulously studied the centrifuges to understand how to sabotage them without detection. In 2007, the first version of Stuxnet was released, targeting these centrifuges by preventing the release of pressure through the valves, causing the uranium gas to solidify and the centrifuges to spin out of control and ultimately self-destruct.

Iran’s nuclear facility was air-gapped, meaning its network was offline, so Stuxnet had to be introduced via an inside agent using a USB drive. The malware operated undetected, using a rootkit to hide its presence and stolen digital certificates to appear as legitimate commands. Despite its effectiveness, initial versions of Stuxnet only slowed Iran’s progress, and did not sabotage it entirely.

In response, US researchers developed a more aggressive version of Stuxnet, using four zero-day exploits and stolen private keys to sign its commands. This version could spread rapidly, even across air-gapped networks, and reprogram the centrifuges to destroy themselves while masking the sabotage as hardware malfunctions.

Stuxnet: The Implications

An insider at Natanz introduced this new version of Stuxnet, and it quickly spread throughout the facility’s network. However, its aggressive nature led to unintended consequences: the malware spread beyond Natanz, infecting computers across Iran and eventually the globe. The CIA, realising the uncontrollable spread of Stuxnet, decided to continue with the operation, hoping it would remain undetected within Natanz.

Their hopes were dashed when cybersecurity firm Symantec discovered Stuxnet and published a detailed report on the malware. Iran soon realised the extent of the cyber attack and took measures to protect their nuclear program. Despite the setbacks caused by Stuxnet, Iran vowed to continue its nuclear ambitions.

One of the earlier hints of Stuxnet’s existence emerged in June 2010 when a Belarusian cybersecurity firm discovered an unusual piece of malware on an Iranian computer. As cybersecurity experts from around the world began analysing the code, they were astounded by its complexity and purpose. 

Impact On Iran’s Nuclear Program

Stuxnet’s impact on Iran’s nuclear program was significant but not immediately catastrophic. By 2009, Iran had installed over 7,000 centrifuges at Natanz, but Stuxnet caused approximately 1,000 of these to fail. The disruptions forced Iran to temporarily halt its enrichment activities and replace the damaged equipment, delaying its nuclear ambitions by several months to years.

The Iranian government, initially oblivious to the cause of the centrifuge failures, eventually recognised the cyber intrusion. Publicly, Iran downplayed the impact of Stuxnet, but internally, it spurred significant investment in cybersecurity measures and the development of offensive cyber capabilities.

Over the following years, targeted assassinations of key Iranian nuclear scientists further crippled their program. Car bombings and other attacks eliminated many of the leaders involved, including the director of the Natanz facility.

Stuxnet: Global Fallout

Stuxnet did not confine itself to Iran. It spread to other countries, including India, Indonesia, and Pakistan, affecting industrial systems worldwide. In India, several critical infrastructure facilities,  reportedly infecting as many as 80,000 computers. Several power plants and manufacturing units were also found to be vulnerable to similar attacks.

In 2013, India adopted the National Cyber Security Policy which focused on “protection of information infrastructure and preservation of the confidentiality, integrity and availability of information in cyberspace”. The following year, the Centre announced the formation of the National Critical Information Infrastructure Protection Centre to further safeguard India’s cyber security space.