The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms programme, where rows of factories make atomic fuel for the arsenal.
Over the past two years, according to experts familiar with its operations, Dimona has taken on a new, equally secret role—as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own.
Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness the Stuxnet computer worm, a destructive program that now appears to have wiped out roughly one-fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.
“To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the US, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian programme.
In recent days, the retiring chief of Israel’s Mossad intelligence agency, Meir Dagan, and US secretary of state Hillary Clinton separately announced that they believed Iran’s efforts had been set back by several years. Clinton cited US-led sanctions, which have hurt Iran’s ability to buy components and do business around the world.
Dagan told the Israeli Knesset in recent days that Iran had run into technological difficulties that could delay a bomb until 2015—a sharp reversal from Israel’s long-held argument that Iran was on the cusp of success.
The biggest single factor in putting time on the nuclear clock appears to be Stuxnet, the most sophisticated cyberweapon ever deployed.
Experts who have picked apart the computer worm describe it as far more complex—and ingenious—than anything they had imagined when it began circulating around the world, unexplained, in mid-2009.
Many mysteries remain, chief among them, exactly who constructed a computer worm that appears to have several authors on several continents.
In early 2008, the German company Siemens cooperated with one of the US’ premier national laboratories, in Idaho, to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world—and that US intelligence agencies have identified as key equipment in Iran’s enrichment facilities.
Seimens says that program was part of routine efforts to secure its products against cyberattacks. Nonetheless, it gave the Idaho National Laboratory the chance to identify well-hidden holes in the Siemens systems that were exploited the next year by Stuxnet.
The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.
The attacks were not fully successful: Some parts of Iran’s operations ground to a halt, while others survived, according to the reports of international nuclear inspectors. Nor is it clear the attacks are over: Some experts who have examined the code believe it contains the seeds for yet more versions and assaults.
“It’s like a playbook,” said Ralph Langner, an independent computer security expert in Hamburg, Germany, who was among the first to decode Stuxnet. “Anyone who looks at it carefully can build something like it.” Officially, neither American nor Israeli officials will even utter the name of the malicious computer program, much less describe any role in designing it.
But Israeli officials grin widely when asked about its effects. US President Barack Obama’s chief strategist for combating weapons of mass destruction, Gary Samore, sidestepped a Stuxnet question at a recent conference about Iran, but added with a smile: “I’m glad to hear they are having troubles with their centrifuge machines, and the US and its allies are doing everything we can to make it more complicated.”
©2011/the new york times