A Dutch newspaper has just revealed an impressive cyberwarfare operation to disrupt Iran’s nuclear program in 2008. The agent in question was at the time an engineer who managed to infect a factory in Iran during a business trip.
It’s impossible not to think of a spy film scenario. The Dutch daily Volkskrant published on January 8 an investigation into the sabotage of the Iranian nuclear program in 2008 by an agent potentially sent by the Netherlands. At the time, Erik Van Sabban was an engineer specializing in energy infrastructure. He is married to an Iranian woman and works for a transport company in Dubai, United Arab Emirates. This company regularly sends spare parts for the Iranian oil and gas industry, and Erik takes care of the installation on site.
His employer is not aware that Erik works for Dutch intelligence, and collaborates with the CIA and the Mossad (the Israeli services). During a business trip to Natanz in 2008, the 36-year-old engineer took advantage of his cover to carry out a high-risk infiltration. The city is home to Iran’s nuclear enrichment program. Erik installs malware on a workstation from a USB key, which spreads from a water pump. The malware in question, Stuxnet, would become famous for being one of the first acts of cyberwar between two states.
Two years of Iranian cyber espionage program
The agents behind the destabilization operation spied on and disrupted the country’s facilities for more than two years. Iranian officials had said the computer worm infected the Bushehr nuclear power plant, which overlooks the Persian Gulf. The malware affected 45,000 computer systems, including 30,000 located in Iran.
The operation would be attributed to the CIA and Mossad. More surprisingly, Volkskrant states that the Dutch government was unaware of the mission carried out by its own agent. Erik Van Sabban died two years later in a motorcycle accident which was not criminal, according to the newspaper’s investigations. The investigation, which lasted two years, relied on the testimonies of 43 people.
These revelations offer us some insight into cyber destabilization operations. Iran recently suffered another cyberattack, this time disrupting almost all of the country’s gas stations. An investigation will perhaps provide more information in a few years.
Subscribe for free to Artificielles, our newsletter on AI, designed by AIs, verified by Numerama!