By Kim Zetter
The Explosion and Blackout at the Natanz nuclear facility in Iran’s nuclear facility in Iran over the weekend raised the specter of past sabotage — including the Stuxnet cyberattack that took out some of Natanz’s centrifuges between 2007 and 2010 as well as an explosion and fire that occurred there last July — destroying about three-fourths of a newly opened plant for the assembly of centrifuges.
Government officials and news reports gave conflicting accounts of what caused the latest blasts, the extent of damage, and Iran’s capacity to quickly recover. Initial reports said there was no harm to the Natanz facility, but Iranian officials later acknowledged damage to its centrifuges.
And while media accounts have suggested saboteurs focused on taking out the facility’s electric supply, David Albright, founder and president of the Institute for Science and International Security in Washington, D.C., believes the aim was to destroy centrifuges. Power is easy to restore even when electrical equipment is damaged, allowing enrichment work to quickly resume. But an abrupt blackout that also takes out backup power would have destroyed some centrifuges, Albright says, since they need to be powered down slowly. Failure to do so leads to vibrations that can cause centrifuge rotors and bellows to become damaged and in some cases disintegrate, which is what Albright suspects occurred.
Below is a summary of what we currently know and don’t know about the incident at Natanz.
What Happened?
On Sunday, news organizations reported an electrical blackout at the Natanz uranium enrichment plant, located in the desert about 155 miles south of Tehran. Natanz is critical to Iran’s nuclear program. The heavily secured site is protected by anti-aircraft guns and has two large centrifuge halls buried more than 50 feet underground to protect them from airstrikes. Despite the conflicting reports, it appears the facility’s main power distribution equipment — Natanz has its own grid — was taken out with explosives. Backup emergency electricity also was taken down, and power cut out across the multibuilding compound, Behrouz Kamalvandi, spokesperson for Iran’s Atomic Energy Organization, told Iran’s state-run TV.
Iranian officials initially said there were no casualties or damage to facilities. But Kamalvandi later conceded that the “small explosion” had “damaged sectors [which] can be quickly repaired.” Kamalvandi was speaking from a hospital bed, however, because he had fallen down a 20-foot hole while visiting Natanz after the attack, breaking an ankle and gashing his head. This would suggest that the explosions may have done extensive ground or structural damage.
“This tells me that the damage must be quite a lot in some spots,” says Olli Heinonen, former deputy director of the Safeguards Division of the U.N.’s International Atomic Energy Organization and currently a Distinguished Fellow with the Stimson Center in Washington, DC. “Nuclear installations normally are very safe. There are no open places where you can go down 7 meters just like that. So probably he went to some area that is damaged, and that is a bad sign.”
Reports have indicated that the sabotage set Iran’s uranium enrichment program back nine months. See “How Quickly Can Iran Recover?” below.
Who Was Behind the Explosions?
Iranian Foreign Minister Mohammad Javad Zarif blamed the incident on Israeli sabotage, calling it a “terrorist attack” and “nuclear terrorism.” Both U.S. and Israeli sources have told Western reporters that Israel was indeed behind the attack. Though Israel has not formally taken responsibility for the operation, Lt. Gen. Aviv Kohavi, chief of staff of the Israel Defense Forces seemed to hint at Israel’s involvement during a speech on Sunday at a ceremony for Israeli soldiers.
“The IDF’s actions throughout the Middle East are not hidden from our enemies’ vision, who are observing us, seeing our capabilities and carefully considering their next steps,” he said. “By virtue of clever operational activities, the past year was one of the most secure years that the citizens of the State of Israel have known. We will continue to act, combining power and discretion, determination and responsibility — all of this to guarantee the security of the State of Israel.”
Israel has the most to fear from a nuclear-armed neighbor. Although Iran has long insisted that its controversial nuclear program is peaceful and not a weapons program, the U.S. intelligence community found that Iran did have a nuclear weapons program until 2003, when it halted the program following the U.S.-coalition invasion of Iraq. And although Israel has its own nuclear program, it has worked hard to prevent its close neighbors from developing one as well.
Israel has a long history of sabotaging nuclear facilities in Iraq, Syria, and Iran, both through cyber means — including the sophisticated Stuxnet attack against Iran, which Israel conducted with U.S. and Dutch intelligence agencies — and with conventional bombs and explosives. Israel is also reportedly behind a number of assassinations of Iranian nuclear scientists and officials over the last decade.
The Stuxnet attack was particularly significant because it launched the era of cyberwarfare, as it was the first cyberattack known to use a digital weapon that could leap into the physical realm to cause actual destruction of equipment.
The highly skilled covert operation was conducted in lieu of a kinetic attack to avoid attribution and an escalation in hostilities with Iran; it remained undetected for three years.
Timing of the Sabotage
The sabotage on Sunday seemed timed to send a message — both to Iran and to the U.S. and Europe. It occurred just days after talks began in Vienna to revive the 2015 nuclear agreement that the Obama administration had worked hard to broker with Iran to control its uranium enrichment production. The Trump administration, urged on by Israel, unilaterally withdrew from the deal in 2018 and imposed sanctions on Iran.
The sabotage also occurred the same day U.S. Defense Secretary Lloyd Austin visited Tel Aviv to drum up support for reviving that agreement with Iran. Albright believes it was designed to telegraph to the U.S. that Israel won’t support restoring the old agreement and has no problem scuttling them in order to keep Iran’s nuclear program in check.
The timing of the sabotage was also significant for another reason. The day before the Natanz incident, Iran celebrated National Nuclear Technology Day, an annual event marking the nation’s atomic advances. To mark the event and send a message to its negotiating partners, technicians at Natanz began to operate a small batch of IR-6 centrifuges as well. The majority of centrifuges at Natanz are a model known as IR-1, which is much less efficient at enriching uranium than the IR-6 design. The nuclear agreement signed with Iran in 2015 (known as the Joint Comprehensive Plan of Action, or JCPOA) limited it to using only IR-1 centrifuges,so the installation of the IR-6s is widely seen as a provocation designed to give Iran leverage in the revived talks.
To add to the tension, Iran has been enriching uranium gas to 20 percent since the Trump administration withdrew from the agreement two years ago. Prior to this, it was enriching uranium to 3 to 5 percent. The higher levels put Iran closer to the 90 percent enrichment that is needed for nuclear weapons, all of which raises the stakes for Israel.
Was It a Cyberattack?
Israeli media, among the first to report on the incident, said the sabotage was caused by a cyberattack, though no details have been reported to support this, and other reports have said the sabotage was caused by explosives. It is possible to produce physical explosions through a cyber assault, however. In 2007, the U.S. Energy Department’s Idaho National Laboratory demonstrated that it was possible to physically destroy a 27-ton electrical generator using nothing more than 21 lines of malicious code, in what is known as the Aurora Generator Test.
The use of explosives at Natanz doesn’t rule out the possibility that the sabotage involved a hybrid attack with explosives taking out the main power distribution equipment and malicious code taking out the emergency backup power supply to manipulate the frequency converters that control the speed at which the centrifuges spin.
It will take days or weeks before we have a clear understanding of what the attack entailed and how the perpetrators pulled it off, but if an outside generator or transformer was destroyed by explosives, this should become apparent in satellite images that will no doubt be available in the next day or so, Albright said.
Were Centrifuges Damaged?
Although the attack targeted the electric distribution at Natanz, the real target was likely the centrifuges. Centrifuges spin in excess of 100,000 revolutions per minute and as noted above, need to be slowed gradually, otherwise they vibrate dangerously, and the rotors and bellows inside can be destroyed.
One reason Iranian officials may have changed their story about the damage at Natanz, initially claiming there was none but later conceding centrifuge damage, is that damage to a centrifuge is generally internal and can’t be seen until technicians remove its outer aluminum casing.
On Monday, the day after the sabotage, Ali Akbar Salehi, head of Iran’s Atomic Energy Organization, said some parts of the enrichment facility are now running on emergency backup electricity, but he didn’t say if this included the centrifuges.
Albright says that to slow down the centrifuges, the sabotage would have needed to target the frequency converters, which are power supplies that regulate the flow of energy to the centrifuges and their speed. To affect these converters, the attackers would have needed to take out the emergency backup power supply, “which is deep inside the plant,” he said.
“The emergency system will come on as soon as the outside power will stop, and that will run for quite a while and that will keep the centrifuges spinning,” Albright said. “But if you can take out the main power supply and the emergency system, then you can stop the centrifuges.”
The frequency converters, notably, were also the target of Stuxnet in 2009 and 2010. The malicious Stuxnet code caused the converters to increase and decrease the speed of the centrifuges for timed periods in order to destroy their motors and bellows and spoil the uranium gas inside the centrifuges. The computer systems controlling the frequency converters at Natanz are not connected to the internet, so in that attack, the perpetrators snuck the first version of Stuxnet into the facility on a USB stick carried in with a mole working for Dutch intelligence. Subsequent versions were delivered to Natanz computers by infecting the laptops of outside engineers who worked at the plant and who then unwittingly carried Stuxnet into Natanz on their computers.,
Although Iran has been testing a number of different models of centrifuge at Natanz, the vast majority of centrifuges there are IR-1s. Iran has 6,000 of these at Natanz and over the last five months has also installed 1,000 IR-2m centrifuges. Salehi told Iranian news media that the only centrifuges damaged in Sunday’s attack were IR-1s: the same centrifuge model that Stuxnet targeted a decade ago.
IR-1 centrifuges are very difficult to stop when they are spinning at full speed, Albright says.
“It requires slowing down the speed, stopping, and waiting for the centrifuge to stabilize [at several stages]. If you don’t do that, then the centrifuge can just crash. At a certain speed of revolutions, they will start to shake like a vibrating string.”
Without pauses to stabilize, the vibrations will increase, causing the rotor inside to scrape the side of the aluminum casing, which is just a few millimeters away from the rotor, and destroy the rotor and internal casing.
“It will be like shrapnel going off, and you’ll hear it break,” Albright said. “They would hear it all through the plant if these things are breaking.”
How Quickly Can Iran Recover?
It remains to be seen how long it will take Iran to recover. News reports have said the sabotage set the program back nine months. Salehi has said, “Enrichment in Natanz has not stopped and is moving forward vigorously.”
Heinonen, the former U.N. atomic safeguards official, says it would not take nine months just to replace a destroyed transformer or generator and the destroyed centrifuges.
“If you need to replace the transformer or the electric supply, that may take some time; it’s not something you take from the shelf. It’s custom-designed for the purpose,” he said. But it would take only a few weeks to replace it.
He says the issue is likely that Iran will have to rebuild entire cascades; cascades are clusters of centrifuges joined by pipes that carry uranium gas from one to the next as it goes through stages of enrichment. If shrapnel and metal dust created by the rotor scraping the casing got into the piping, that would all have to be replaced.
“[That dust] probably will break additional centrifuges,” he said. “To replace a centrifuge, you need to clean the whole mess, including the cascade piping. If there are small pieces here and there, it’s very difficult to clean such small pipes, so you have to replace them. That is a very time-consuming operation.”
If the frequency converters were damaged as well, then this will add to the recovery time. The devices are tailor-made, and Heinonen said it’s not clear how many Iran has in stock.
Heinonen said Iran can recover more quickly by simply abandoning the affected cascades and centrifuges and building new cascades in an empty corner of the hall, and installing IR-2m centrifuges that are more efficient than the damaged IR-1s. If Iran has everything it needs for this, it will take six months to rebuild, he said. Not only will Iran be up and running by the end of summer, it will have a more efficient operation.
With 1,500 IR-2m centrifuges, “you are actually exactly where you were last week in terms of enrichment capacity, because these are four times more powerful than the IR-1s,” he said. “So I would install them and show to the world that [they] are back in business, and that will take a few months, provided that the electricity is there.”
This appears to be what Iran is planning to do, not only to recover from the sabotage but also to secure a stronger bargaining position in its nuclear negotiations. Zarif, the Iranian foreign minister, has stated, “Natanz will be stronger than ever with more advanced machines, and if they think our hand in negotiation is weak, this act will strengthen our position in the negotiations.”
How Will Iran Respond to the Attack?
An Iranian official announced on Tuesday that Iran will begin to enrich uranium to 60 percent in response to the attack on Natanz. Whether Iran is just using this to gain leverage in the Vienna talks is unclear. But if the enrichment plan proceeds, it would put Iran closer to having weapons-grade uranium than it has ever been, introducing a new level of destabilization in the Middle East.
Iran is also under pressure from lawmakers in Tehran to halt the nuclear talks in Vienna. “Talks under pressure have no meaning,” Abbas Moghtadaie, deputy chair of the Iranian parliament’s national security and foreign policy committee, said in a Clubhouse talk on Monday, according to the New York Times.
In addition, Iran has vowed to get revenge for the sabotage. It’s unclear whether this will involve cyberattacks against Israel — similar to attacks that were launched against Israel’s water supply following the previous sabotage at Natanz last July — or include a kinetic response, such as rockets launched across Israel’s northern border by Iran-backed Hezbollah. Whatever the retaliation, it will likely escalate further response from Israel.
Regardless of what Iran does to retaliate, it’s clear that attacks against Iran’s nuclear program won’t end, says Albright.
“The Israelis … want to make the point that this isn’t simply about going back to the [old agreement with Iran]. The fact that the U.S. secretary of defense was there when it happened is a pretty strong signal to the U.S. and Europe that JCPOA … is not going to cut it [going forward].”
Kim Zetter is a staff member of The Intercept, which originally published this article on April 13, 2021.