Iran will retaliate against any country that carries out cyber attacks on its nuclear sites, the head of civilian defence said on 3 July, after a fire at its Natanz enrichment facility.
“Responding to cyber attacks is part of the country’s defence might. If it is proven that our country has been targeted by a cyber attack, we will respond,” civil defence chief Gholamreza Jalali told state TV.
The Natanz facility near Isfahan is one of several Iranian facilities monitored by inspectors of the International Atomic Energy Agency (IAEA). The IAEA said it had been informed by Iran about a fire in a building at the Natanz site. Iran also informed the IAEA that the fire was quickly extinguished and that there had been no nuclear material or other radioactive material in the building. Iran said the cause was not yet known, but that there were no injuries or radioactive contamination.
IAEA said the Natanz site “is under IAEA safeguards, including both safeguards verification and JCPOA verification and monitoring”. The Agency confirmed that there were no IAEA safeguards inspectors present at the time, and that the location where the incident occurred did not contain nuclear materials.
“The Agency has been in contact with relevant Iranian authorities to confirm there will be no impact on its safeguards verification activities, which are expected to continue as before. IAEA inspectors are present on a regular basis at Natanz,” IAEA said.
Iran limited its nuclear development in exchange for the removal of most global sanctions under the 2015 Joint Comprehensive Plan of Action (JCPOA) signed with the USA, UK, France, Russia, China and Germany. However, the USA withdrew from the agreement in May 2018 and reimposed stringent sanctions. In response Iran reduced compliance with the agreement and restarted its nuclear development programme after the European parties to the JCPOA failed to put in place a mechanism to shield Iran from the US sanctions.
An image released by the Atomic Energy Organisation of Iran (AEOI) showed a one-storey brick building with its roof and walls partly burned. A door hanging off its hinges suggested there had been an explosion inside the building.
The spokesperson for the Supreme National Security Council of Iran, Keivan Khosravi, said on 3 July that expert teams had determined the cause of the Natanz incident. He said a technical and security investigation conducted by the relevant organisations had discovered the cause of the accident.
“Various hypotheses about the cause of the incident were tested with a detailed assessment of the impacts, quality and extent of the damages that have been done, and the main cause of the accident has been identified.” More details would be made public at the appropriate time “due to security considerations”, he added. He said damage was “limited”.
AEOI spokesman Behrouz Kamalvandi said the accident had resulted in no casualties and did not disrupt running operations at the facility.
Iranian state news agency IRNA considered the possibility of sabotage by Israel and the United States, but made no direct accusation. “So far Iran has tried to prevent intensifying crises and the formation of unpredictable conditions and situations,” IRNA said. “But the crossing red lines … means that strategy … should be revised.”
Reuters cited three Iranian as saying they believed the fire was the result of a cyber attack, but did not cite any evidence. One of the officials said the attack had targeted a centrifuge assembly building, adding that Iran’s enemies had carried out similar acts in the past.
In 2010, the Stuxnet computer virus, which is widely believed to have been developed by the United States and Israel, was discovered after it was used to attack the Natanz facility. Two of the Iranian officials said Israel could have been behind the Natanz incident, but offered no evidence.
Hours before Iranian authorities announced the fire, an unknown group calling itself the "Homeland Panthers" claimed responsibility in a series of emails sent to BBC journalists. The group told the BBC's Jiyar Gol that the attack was carried out by elements within Iran's security forces, Gol wrote on Twitter.
Kuwaiti daily al-Jarida on 3 July, cited an unnamed “senior” source as saying that the Natanz explosion as well an explosion the previous week at Iran's Parchin military complex were Israel’s work. The source claimed that the Parchin incident was the result of an air strike conducted by Israeli F-35 stealth fighters, while the Natanz explosion was caused by an Israeli cyber attack against the uranium enrichment plant. The Iranian authorities had said the Parchin incident was the result of “leaking gas tanks".
The New York Times had reported, citing an unnamed Middle East intelligence official, that the Natanz blast was caused by an "explosive device planted inside the facility". The source said the explosion destroyed "much of the aboveground parts" of the Natanz facility, where centrifuges had been placed before being put into operation. US-analysts identified the building as a centrifuge assembly workshop.
However, Kamalvandi said the normal process of enrichment was continuing as usual. "We have started enrichment since Iran's move to scale down commitments, and currently we have no commitment both in terms of the level of and amount of enrichment, and we are now producing materials over 3.67% and above 300 kilograms," he said.
Iranian President Rouhani on 4 July called on the USA to return to JCPOA and resume negotiations.
Photo: Photo showing damage at Iran's Natanz uranium enrichment facility (AEOI News/Twitter)