
How Israel planted a computer virus in Iran's underground nuclear plant

Author: Half past eleven tells history

In December 2009, engineers at an underground nuclear plant in Iran's central desert discovered that centrifuges were breaking down in batches. Try as they might, they could not find the reason.

The centrifuge is central to a very crucial step in the process of creating nuclear weapons. In natural uranium ore, the vast majority of the uranium is in the form of uranium-238; uranium-235, the material needed to make atomic bombs, accounts for only 0.7 percent. Therefore, the first step in building a nuclear weapon is to separate uranium-235 from uranium-238 to obtain uranium-235 of higher purity. When the abundance of uranium-235 reaches 3%-5%, it can be used as fuel for nuclear power plants. The manufacture of atomic bombs requires uranium-235 at an abundance of more than 90%, that is, weapons-grade enriched uranium. So the ability to build nuclear power plants and the ability to build nuclear weapons are two completely different things.

One way to purify uranium-235 is to use centrifuges. Because uranium-238 is slightly heavier than uranium-235, when they are put into a centrifuge and rotated at high speed, the two materials can be separated.

This principle is simple to state, but putting it into practice is harder than climbing to the sky. This is why, although the structure and principle of atomic bombs have been public for decades, only a few countries can build them.

In order to purify uranium-235, uranium ore is first chemically transformed into uranium hexafluoride, a highly toxic substance that can corrode most metals, and also reacts violently with water in the air. The safe production and storage of this substance alone is not something that every country can do.

Next, the gaseous uranium hexafluoride is introduced into a centrifuge, which then rotates at a speed of tens of thousands of revolutions per minute, generating a centrifugal force thousands of times the Earth's gravity. Even such a large force can only increase the uranium-235 content in the middle area of the centrifuge by a little bit. The gas in this middle region is then pumped into a second centrifuge and rotated again, increasing the uranium-235 content a little more. In factories that produce nuclear material, thousands of centrifuges are connected in series and run non-stop for months to obtain a small amount of weapons-grade uranium-235.

A centrifuge for purifying uranium-235 is certainly not something just any country can make. The materials used to manufacture it must withstand the corrosiveness of uranium hexafluoride, and the design must account for the stability and friction of the individual components at tens of thousands of revolutions per minute. At high temperatures, the carbon-fiber components of the centrifuge shrink while the metal parts expand, which requires special design to handle.

Iran acquired the manufacturing technology for centrifuges in the 1990s. In 2006, Iran installed an array of 164 centrifuges at its underground nuclear plant in Natanz. Despite the pressure of international sanctions, Iran expanded the number of centrifuge arrays to 18 within a few years, bringing the total number of centrifuges to 2,952. After several years of operation, it is widely believed that Iran has obtained uranium-235 at an abundance of more than 3%.

Centrifuge array at the Natanz underground nuclear plant

However, in December 2009, strange things happened. In this underground nuclear plant, guarded by barbed wire and anti-aircraft positions, centrifuges suddenly began to fail in large numbers, beyond repair. At first dozens, then hundreds. No one knew why.

***

In July 2010, a Belarusian software company discovered a new software virus on a customer's computer. Subsequently, Kaspersky Lab, Symantec and other antivirus software companies studied the code of this new virus. By convention, they named the virus Stuxnet.

This virus struck researchers at the antivirus companies as very strange. First of all, its file size was 20 times that of a normal virus, and the code was extremely complex and rigorous. Ordinary virus code has bugs of one kind or another, but the code of this virus from Belarus had almost none.

Second, the virus, unusually, exploits multiple zero-day vulnerabilities. A zero-day vulnerability is a vulnerability in a piece of software that even the developer is not aware of. Exploiting these vulnerabilities to attack ensures success. For hackers, a zero-day vulnerability can fetch tens of thousands or even hundreds of thousands of dollars on the black market. Yet the Stuxnet virus extravagantly uses four different zero-day vulnerabilities in its code. Apparently, the author believed that the payoff from the virus was worth far more than hundreds of thousands of dollars.

Third, although the virus infected many computers, it did not carry out any substantive attack on them. When the virus infects a new computer, it automatically detects whether a specific version of the industrial control software developed by Siemens is present on the network where the computer is located. If this version of the software is not detected, the virus automatically goes to sleep. When writing a virus, most hackers want it to infect and attack as many computers as possible. This virus does the opposite and is very picky about its targets. Among its many conditions, if even one is not satisfied, no attack is launched.

Researchers at the antivirus software companies tallied where the virus appeared and how many infections there were. They found that Iran was the most infected place, and that the virus had undoubtedly spread elsewhere from there. They speculated that the virus's mission was to attack a factory in Iran with specific Siemens industrial control software installed. When they searched on these criteria, all the results pointed to the same place:

Iran's underground nuclear plant in Natanz.

By then it was clear that someone had programmed a very elaborate virus and implanted it in the computer systems of Iran's nuclear plant to sabotage the nuclear enrichment facilities there.

There may be plenty of genius hackers who can write a virus as complex as Stuxnet, but they would not have a nuclear enrichment facility to test it on. Only governments have the resources to test the virus in a real nuclear plant environment.

So which government would have the ability and incentive to use the virus to sabotage Iran's nuclear plant?

Not many countries meet both conditions.

***

The Arab countries in the Middle East have a total area of about 4.8 million square kilometers and a population of 200 million. Israel, which covers an area of only 20,000 square kilometers, is like a narrow wedge embedded between the Arab countries and the sea. This mini-country is only 0.5 per cent the size of the Arab countries and has less than 5 per cent of their population.

The leader of almost every Arab country has threatened to drive the Israelis into the sea. And they acted on the threat.

A few hours after Israel declared its statehood in 1948, neighboring Arab countries simultaneously declared war on it. In the decades that followed, Israel, with its absolute population disadvantage, won every war and survived tenaciously under the siege of Arab countries.

Arab leaders have come to realize that Israel, despite its small size, has an extremely powerful mobilization capacity. Its special relationship with the United States allowed it to always receive a variety of material support. Time and time again, it has been proven that the Arab states cannot defeat Israel on the battlefield – at least not until they possess nuclear weapons.

The first Arab country to attempt to develop nuclear weapons was Saddam Hussein's Iraq. In 1976, the Iraqi government bought the full range of nuclear reactor technology from the French and built a nuclear power plant 20 kilometers from Baghdad. At the end of 1980, the Israeli government concluded that Saddam Hussein was secretly developing nuclear weapons under the guise of nuclear power plants. As on most occasions, the Israelis decided to strike first. On June 7, 1981, Israel sent eight F-16 fighter jets to fly at an ultra-low altitude of less than 50 meters through Jordanian and Saudi airspace and carried out a sneak attack on Iraq's nuclear power plant.

The entire attack lasted only 80 seconds. A total of 16 bombs were dropped by the eight F-16 fighters, 14 of which hit their targets accurately. A special delay fuse allowed each bomb to explode after penetrating the concrete roof of the nuclear power plant. The facilities at the nuclear power plant were completely destroyed, and the Iraqi air defense forces did not have time to react. Saddam Hussein then executed all officers above the rank of major in charge of air defense in the area.

In March 2007, Mossad agents took advantage of a Syrian Atomic Energy Commission official's business trip to Europe to infiltrate his hotel room and steal information from his computer. Through this operation, the Mossad learned that Syria was secretly developing nuclear weapons under the cover of building nuclear power plants. Six months later, late at night on 5 September 2007, the Israeli Air Force again blew up a nuclear reactor, this time in Syria. Judging from the subsequent results, this attack made Syria completely abandon its intention to develop nuclear weapons.

The next Middle Eastern country to try to develop its own nuclear weapons is Iran. However, there are two reasons why Israel cannot destroy Iran's nuclear plants, as it has done in previous air strikes on nuclear reactors in Iraq and Syria.

First, Iran is much further away from Israel. Israeli Air Force warplanes must be refueled in the air to carry out such long-distance air strikes. Aerial refueling in the airspace of other countries greatly increases the likelihood of operational exposure.

Second, Iran's nuclear facilities are entirely underground. The Israeli Air Force cannot be sure of destroying the other side's nuclear facilities in a single attack.

Iran's Natanz underground nuclear plant; most of its facilities are underground

Air defense positions arranged outside nuclear plants

So the Israelis began using various other methods to prevent Iran from acquiring a nuclear weapon. They have repeatedly sent agents to assassinate Iranian nuclear scientists, but this has at best slowed Iran's development progress. Later, someone came up with the idea of using a virus to destroy centrifuges in Iran's nuclear plants.

A corner of a computer screen was captured in the news of Iran's president's visit to the nuclear plant, which may have given the Israelis key information about the control software

The Israelis discovered that by periodically running a centrifuge at the wrong frequency, it could be driven out of control until it blew apart. It is said that the Israelis flew to the CIA headquarters in Virginia, USA, and dumped the fragments of an exploded centrifuge directly on the conference table, convincing the Americans to develop a virus together.

There was one small technical problem: Iran's underground nuclear plants are not connected to the outside world, so the virus could not infect computers inside them through the Internet. However, this was not difficult for the Israelis; it is what the Mossad is best at. They managed to insert a USB flash drive containing the Stuxnet virus into a host computer at an Iranian nuclear plant.

Once inside the Natanz nuclear plant, Stuxnet got to work. In this isolated environment, the virus can no longer receive new instructions over the network, so all its actions are designed to be fully automatic.

After infecting a new computer, Stuxnet automatically detects whether Siemens industrial control software and centrifuge equipment are present in its environment. If it judges that it is inside an underground nuclear plant in Iran, Stuxnet first lies dormant for 13 days, which is the time it takes for the centrifuges to complete a full operating cycle. During these 13 days, Stuxnet records the centrifuge operation data for later use. Once the 13-day cycle is over, Stuxnet begins its attack. It constantly changes the frequency of the centrifuge, causing its connecting parts to break from fatigue.

While destroying the centrifuge, Stuxnet displays a normal operating record in the system, making it impossible for technicians to detect that the centrifuge operating frequency has been tampered with. It is as if a spy infiltrating a building replaced the feed in the security monitoring room with normal footage recorded in advance.

For a long time, Iranian technicians really didn't know what was going on. They saw the centrifuges shatter one by one, but all the data in the system showed that everything was fine.
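The record-and-replay trick described above leaves two traces a defender can test for, shown here as an added example that is not part of the original article: a noisy sensor feed that repeats itself verbatim, and a displayed value that disagrees with a measurement taken through a separate channel. The function names, the window size and the nominal value of 1000.0 are assumptions made for the illustration, and the sample series are constructed.

```python
import random

def find_replayed_window(samples, window=20):
    """Return (original_start, repeat_start) for the first run of `window`
    readings that reappears verbatim later in the series, or None.
    Assumes genuine readings carry measurement noise, so long exact
    repeats are not expected from a live sensor."""
    seen = {}
    for i in range(len(samples) - window + 1):
        key = tuple(samples[i:i + window])
        first = seen.setdefault(key, i)   # index where this run first appeared
        if i - first >= window:           # ignore overlapping self-matches
            return first, i
    return None

def disagreements(reported, independent, tolerance):
    """Indices where the displayed value and an out-of-band measurement
    differ by more than `tolerance`."""
    return [i for i, (r, m) in enumerate(zip(reported, independent))
            if abs(r - m) > tolerance]

# Constructed sample data: 1000.0 is a placeholder nominal value,
# not a real centrifuge setpoint.
_rng = random.Random(7)
GENUINE = [round(1000.0 + _rng.gauss(0, 1.5), 2) for _ in range(200)]
# What the operators see: the first 100 readings, then the same 100 replayed.
REPORTED = GENUINE[:100] + GENUINE[:100]
# What a separate, trusted instrument sees once the real value is being changed.
INDEPENDENT = GENUINE[:100] + [v + 400.0 for v in GENUINE[100:]]

if __name__ == "__main__":
    print("live feed repeat:    ", find_replayed_window(GENUINE))
    print("displayed feed repeat:", find_replayed_window(REPORTED))
    bad = disagreements(REPORTED, INDEPENDENT, tolerance=10.0)
    print("first disagreement at sample", bad[0], "of", len(bad), "flagged")
```

The second check only helps if the independent measurement does not pass through the same compromised control system as the display.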

As its authors intended, Stuxnet was supposed to complete the task of destroying centrifuges in the Natanz plant silently, without being detected by anyone. The authors also built a self-destruct function into the virus code: after a certain date, Stuxnet would stop working and delete itself, leaving no evidence for the outside world.

But somewhere, it is not known where, something went wrong, and Stuxnet spread beyond the Natanz plant. Although Stuxnet does not damage the average user's computer, this accidentally exposed it to the public eye.

In November 2010, Iran officially acknowledged that uranium enrichment at the Natanz nuclear plant had been affected by a malicious computer virus, but stressed that the damage caused by the virus was limited. The U.S. and Israeli governments have remained silent about the matter, never admitting any connection to the virus. Many media outlets have published lengthy reports on the Stuxnet virus with sensational headlines. Experts interviewed said that if the virus authors had chosen to use the virus to attack power stations, waterworks and gas companies, it could have brought a country to collapse within a short time. The media concluded that the emergence of Stuxnet marked the first time in the world that a government had launched a cyberwar against another.

But more likely, this is just the first time the U.S. and Israeli governments have been accidentally discovered.
