U.S. President Donald Trump.
| Photo Credit: Reuters

Iran says its nuclear program is peaceful, but it has expanded uranium enrichment. File.
| Photo Credit: Reuters

The Biden administration is concerned that a weakened Iran could build a nuclear weapon, White House National Security Adviser Jake Sullivan said on Sunday (December 22, 2024), adding that he was briefing President-elect Donald Trump’s team on the risk.

Iran has suffered setbacks to its regional influence after Israel’s assaults on its allies, Palestinian Hamas and Lebanon’s Hezbollah, followed by the fall of Iran-aligned Syrian President Bashar al-Assad.

Also read | U.N. nuclear agency’s board condemns Iran for the 2nd time this year for failing to fully cooperate

Israeli strikes on Iranian facilities, including missile factories and air defenses, have reduced Tehran’s conventional military capabilities, Sullivan told CNN.

“It’s no wonder there are voices (in Iran) saying, ‘Hey, maybe we need to go for a nuclear weapon right now … Maybe we have to revisit our nuclear doctrine’,” Sullivan said.

Iran says its nuclear program is peaceful, but it has expanded uranium enrichment since Trump, in his 2017-2021 presidential term, pulled out of a deal between Tehran and world powers that put restrictions on Iran’s nuclear activity in exchange for sanctions relief.

Sullivan said that there was a risk that Iran might abandon its promise not to build nuclear weapons.

“It’s a risk we are trying to be vigilant about now. It’s a risk that I’m personally briefing the incoming team on,” Sullivan said, adding that he had also consulted with U.S. ally Israel.

Trump, who takes office on Jan. 20, could return to his hardline Iran policy by stepping up sanctions on Iran’s oil industry. Sullivan said Trump would have an opportunity to pursue diplomacy with Tehran, given Iran’s “weakened state.”

“Maybe he can come around this time, with the situation Iran finds itself in, and actually deliver a nuclear deal that curbs Iran’s nuclear ambitions for the long term,” he said.

New Delhi:

It’s June, 2009. The streets of Tehran have erupted in protests over the results of a presidential election. The incumbent Mahmoud Ahmadinejad has emerged victorious with an overwhelming majority against Mir-Hossein Mousavi. Protesters alleged a fraudulent victory. Among them is a woman named Neda Agha-Soltan, who on her way to join the main protests, parked her car at some distance from the gathering and stepped out as the vehicle’s air conditioner was not working. As she breathed in the fresh air, a sniper belonging to a government-funded militia took aim and shot her square in the chest. She was dead.

While this was unfolding in Tehran, around 300 kilometres to the south at the Natanz nuclear facility, the heart of Iran’s nuclear program – ‘strange’ things were happening. Just days after Neda’s death, the CIA reportedly received approval to initiate a cyber operation against this facility. The operation involved uploading a sophisticated piece of malware, known as Stuxnet, directly onto Iranian hardware. This malware had been in development for years, a collaborative effort between the United States and Israel, and represented the world’s first digital weapon.

Stuxnet: The Genesis

Stuxnet was not a new presence in Iran’s nuclear infrastructure; it had been causing disruptions for years. However, this new version was designed to deliver a decisive blow. 

The story of Stuxnet’s development and deployment began years earlier. The inception of Stuxnet can be traced back to the early 2000s, during a period of heightened tension between Iran and Western nations over Iran’s nuclear ambitions. The Bush administration, concerned about Iran’s potential to develop nuclear weapons, sought unconventional methods to impede Tehran’s progress. Thus, the covert operation codenamed ‘Olympic Games’ was born. This initiative, involving close collaboration between the CIA, the NSA, and Israel’s Mossad, aimed to create a digital weapon capable of physically disrupting Iran’s nuclear enrichment capabilities.

Stuxnet was not an ordinary piece of malware. Its design reflected a level of sophistication unprecedented in the realm of cyber weapons. The malware targeted Siemens Step7 software, used to control industrial equipment, specifically focusing on the centrifuges at Iran’s Natanz uranium enrichment facility. These centrifuges, essential for enriching uranium, operated at high speeds and required precise control to function correctly.

Stuxnet: The Execution

The US built a replica of Iran’s nuclear facility in its Oak Ridge facility in the state of Tennessee, where they meticulously studied the centrifuges to understand how to sabotage them without detection. In 2007, the first version of Stuxnet was released, targeting these centrifuges by preventing the release of pressure through the valves, causing the uranium gas to solidify and the centrifuges to spin out of control and ultimately self-destruct.

Iran’s nuclear facility was air-gapped, meaning its network was offline, so Stuxnet had to be introduced via an inside agent using a USB drive. The malware operated undetected, using a rootkit to hide its presence and stolen digital certificates to appear as legitimate commands. Despite its effectiveness, initial versions of Stuxnet only slowed Iran’s progress, and did not sabotage it entirely.

In response, US researchers developed a more aggressive version of Stuxnet, using four zero-day exploits and stolen private keys to sign its commands. This version could spread rapidly, even across air-gapped networks, and reprogram the centrifuges to destroy themselves while masking the sabotage as hardware malfunctions.

Stuxnet: The Implications

An insider at Natanz introduced this new version of Stuxnet, and it quickly spread throughout the facility’s network. However, its aggressive nature led to unintended consequences: the malware spread beyond Natanz, infecting computers across Iran and eventually the globe. The CIA, realising the uncontrollable spread of Stuxnet, decided to continue with the operation, hoping it would remain undetected within Natanz.

Their hopes were dashed when cybersecurity firm Symantec discovered Stuxnet and published a detailed report on the malware. Iran soon realised the extent of the cyber attack and took measures to protect their nuclear program. Despite the setbacks caused by Stuxnet, Iran vowed to continue its nuclear ambitions.

One of the earlier hints of Stuxnet’s existence emerged in June 2010 when a Belarusian cybersecurity firm discovered an unusual piece of malware on an Iranian computer. As cybersecurity experts from around the world began analysing the code, they were astounded by its complexity and purpose. 

Impact On Iran’s Nuclear Program

Stuxnet’s impact on Iran’s nuclear program was significant but not immediately catastrophic. By 2009, Iran had installed over 7,000 centrifuges at Natanz, but Stuxnet caused approximately 1,000 of these to fail. The disruptions forced Iran to temporarily halt its enrichment activities and replace the damaged equipment, delaying its nuclear ambitions by several months to years.

The Iranian government, initially oblivious to the cause of the centrifuge failures, eventually recognised the cyber intrusion. Publicly, Iran downplayed the impact of Stuxnet, but internally, it spurred significant investment in cybersecurity measures and the development of offensive cyber capabilities.

Over the following years, targeted assassinations of key Iranian nuclear scientists further crippled their program. Car bombings and other attacks eliminated many of the leaders involved, including the director of the Natanz facility.

Stuxnet: Global Fallout

Stuxnet did not confine itself to Iran. It spread to other countries, including India, Indonesia, and Pakistan, affecting industrial systems worldwide. In India, several critical infrastructure facilities,  reportedly infecting as many as 80,000 computers. Several power plants and manufacturing units were also found to be vulnerable to similar attacks.

In 2013, India adopted the National Cyber Security Policy which focused on “protection of information infrastructure and preservation of the confidentiality, integrity and availability of information in cyberspace”. The following year, the Centre announced the formation of the National Critical Information Infrastructure Protection Centre to further safeguard India’s cyber security space.