If you think about it a day or two, you cannot but acknowledge how clever a cyber strike against the centrifuges is. It’s military strategy at its finest. Anybody who has done some research on the Iranian nukes program will be aware that there have been plans to take out the centrifuge plants by bombing. A military hardware strike, however, has significant problems beyond the obvious:
1. Big iron is required as the facilities are buried deeply underground.
2. You never know if you managed to take out ALL facilities, since there is reason to believe that Iran has built some hidden ones that are unknown to the world.
Put these factors together and it is easy to determine that dropping the bunker busters with questionable overall success, but with a full-blown war in the region thereafter is not your strategic dream come true. Now let’s look at the alternative, a cyber strike. It solves THREE problems:
1. You don’t need to send those B-2’s, nobody gets hurt, cost is comparatively minimal, and the victim has no idea how to retaliate; he even has problems confirming that there was an attack.
2. Chance of success in destroying the targets is as good as using explosives.
3. With a well designed attack plan, you EVEN HIT THE UNKNOWN FACILITIES.
The third point is crucial. You can’t drop bombs on targets with geographic location unknown. However, you CAN hit such targets by malware. Especially if the malware is designed to spread via thumb drives and shared folders. It can be taken for granted that the controllers for all of Iran’s centrifuges are VERY similar. It can be assumed that the control systems for any hidden centrifuge plants are equipped with the same I&C products and logic as the known plants. If it is achieved to infect key stations in the centrifuge development program, such as Kalaye Electric, the distribution method implemented in Stuxnet will make sure that with a very high chance, several months later ALL sites are infected, including the ones you don’t know about.
This aspect also leads us to believe that the possibility to blow up a centrifuge quickly by getting it to critical vibration and holding it there until burst is not the goal of the attack, as it would lead to earlier detection. The better strategy would be to induce problems slowly, making sure that all sites get affected before problems surface. This can explain the timing that is implemented in the attack code, holding the aggressive DEADFOOT condition only for short periods, and then resuming undisturbed operation for periods of many days. The victim, having no clue of being under a cyber attack, will replace broken centrifuges by new ones – until ending in frustration. It’s like a Chinese water torture.
For those that have no idea of what such a centrifuge looks like, here is an authentic picture, with the drive marked by a red “D” and the rotor marked by a red “R”. (A second rotor is placed behind the one in the front.) A frequency converter is not on display in this picture.
Further information on the centrifuges can be found at these sites: