LONDON: Explosions in western Tehran resulting in power outage. A fire at a ballistic-missile production facility. A deadly blast at a medical clinic in the Iranian capital’s north. Huge floods at one of the country’s most important shipping hubs.
These apparently isolated recent incidents, mainly at military, nuclear, and industrial facilities, have been either subjected to cover-ups by Tehran or explained away as unfortunate accidents.
But when a blast on July 2 crippled the Natanz nuclear research facility in Isfahan, Iran was forced to come clean and admit that the showpiece of its nuclear-enrichment program was the target of an act of sabotage.
Experts have told Arab News that this admission has thrown into question the whole series of events. They said that what initially could have been a string of ill-timed separate incidents was starting to look like a coordinated campaign of cyber and psychological warfare. The real questions, to them, were: How impactful has the campaign been, who is behind it, and how will the regime respond?
Olli Heinonen, a senior adviser on science and nonproliferation at the Foundation for Defense of Democracies, said that whoever was responsible for the Natanz sabotage was sending Iran a message.
The attack, he added, would not have “been possible without detailed knowledge on the design and operations of the workshops.”
This “sends a stern message to the nuclear and missile programs: Their operations and goals are not secret.”
Whoever was responsible, Heinonen said, may not be finished yet. “The hitting of the assembly plant of the advanced centrifuges is likely a warning shot only.”
As if on cue, electricity reportedly got cut off after a large explosion hit a suburb west of Tehran on Friday in a missile facility of the Islamic Revolutionary Guard Corps (IRGC). Iranian officials denied the report. Another mysterious explosion had been reported just three days before, on July 7, at a factory south of Tehran.
While the full picture has yet to emerge of the damage caused by the blast at Natanz, it may have set back Iran’s nuclear ambitions by up to two years.
The 2015 nuclear deal, Joint Comprehensive Plan of Action, reached between Iran and six world powers, allowed only enrichment of uranium at Natanz with just over 5,000 first-generation IR-1 centrifuges. But Iran has installed new cascades of advanced centrifuges after US President Donald Trump’s administration withdrew from the accord in 2018 and reinstated economic sanctions.
Iran, which said it would not negotiate as long as the sanctions remained in place, has repeatedly threatened to continue building up what it calls a defensive missile capability run by the IRGC.
Ali Alfoneh, a senior fellow at the Arab Gulf States Institute in Washington, said: “It is difficult to interpret recent incidents at Iran’s nuclear facilities as anything but coherent and sustained acts of sabotage conducted by state actors.”
Referring to the Natanz blast and the other explosions and fires, he added: “There is a pattern.” This pattern stretched back years, and has used cyberattacks, sabotage, and targeting of scientists to curtail Iran’s nuclear ambitions.
As for the culprit, Alfoneh believes it “makes very good sense” that Tehran’s arch-nemesis Israel could be behind the attacks on nuclear and missile facilities. Israeli statements, he said, “give further credence to these allegations.”
Israel is just one of a number of enemies of the regime who may now be targeting Iran, Theodore Karasik, senior adviser at Gulf State Analytics, told Arab News.
His understanding of the situation, largely in line with Alfoneh’s assessment, is that the blast at the Natanz nuclear facility was most likely “a cyberattack by Israel.”
However, he said: “Were all of the attacks by Israel? That is the question we’re not clear on, and that’s where it gets interesting.”
Karasik pointed out that Tehran also had domestic adversaries with their own grouses. “There’s messaging that a group attached to the (Iranian ethnic minority) Baluch people could be responsible. With Baluch sentiments inflamed, the ethnic minority have at times been used by outside forces as another way to undermine Iran,” he added.
A number of attacks targeting the IRGC personnel and military infrastructure have been claimed by Baluch groups in the past few years. They have not, however, come forward to claim responsibility for the latest series of incidents in Iran.
“Overall, we can say someone is using various tactics — external cyberattacks, internal sabotage — to hit Iran right now, and it’s part of a larger pattern,” Karasik said.
Much of the discussion surrounding the series of attacks has revolved around cyber warfare. Karasik believes this is a central part of the campaign by whoever is targeting the Islamic Republic.
Someone is telling Iran: We know where you live, we know your weak spots, and if we need to hurt you, we can.
Yossi Mekelberg, associate fellow at Chatham House
“To cause explosions, to make something stop operating — this is very sophisticated in terms of cyber warfare. It’s one thing to shut down a street or a factory; it’s another issue to actually detonate something,” he added.
The technological sophistication points to Israeli cyber sabotage. Israel has long employed cyberattacks as a means of targeting Iran’s nuclear and military capacity, famously unleashing the Stuxnet attack which set back Iran’s nuclear ambitions by up to five years.
The emerging consensus among Iran watchers such as Karasik is that Israel was likely responsible for some, if not all, of the recent major disruptions that have struck Iran. The question then, is how Tehran will respond?
Tehran was patient and opportunistic, Karasik said, but “there is a danger that the tail may wag the dog.” As Tehran faced more domestic pressure and its legitimacy in the eyes of the people eroded further, the only way to prove its strength could be to lash out.
However, one of the advantages of using cyber warfare and other such clandestine means of undermining Iran, was that the attacks had plausible deniability, Yossi Mekelberg, associate fellow at Chatham House, told Arab News.
“It’s hard to definitively prove who was behind the attacks, so it does not force Iran to respond to preserve its legitimacy and save face,” he added.
But he warned that it was a “highly volatile” situation. “There is a danger of miscalculation — you’re guessing other peoples’ thresholds for retaliation and it’s easy to miscalculate. It’s a risky game.”
The strategy being employed against Iran, Heinonen, Mekelberg, and Karasik all agreed, was a psychological one. An outside power — which many suspect to be Israel — was sending a message to Iran.
Karasik said that someone had been “hammering away at specific targets related to Iran’s national security, creating an explosion here, a fire there. That has a psychological impact.”
Mekelberg added: “Someone is telling Iran: We know where you live, we know where your weak spots are, and if we need to hurt you, we can. It’s a show of force.”
Iran is upgrading its ballistic missile arsenal and investing heavily in obtaining nuclear weapons. It should come as no surprise then, that as its posture becomes ever more aggressive, its adversaries are sending a clear message that they will not stand for a nuclear-armed Iran.
The campaign of cyberattacks and sabotage is making that position abundantly clear.