69. Israel Attacks Iran: Mossad’s First Assault (Ep 2)

For exclusive interviews, bonus episodes, ad-free listening, early access to series, first look at live show tickets, a weekly newsletter, and discounted books, join the Declassified Club at the RestisClassified.com.

This podcast is brought to you by Carvana.

Got a car to sell, but no time to waste?

Hop on to Carvana.com to get a real offer for your car in seconds.

All you have to do is enter your license plate, answer a few quick questions, and if you accept the offer, Carvana will pay you as soon as you hand the keys over.

They even offer same-day pickup in many cities.

Save your time, score some cash, and sell your car the convenient way to Carvana.

Pickup times vary.

Fees may apply.

This podcast is brought to you by Carvana.

Buying a car shouldn't eat up your week.

That's why Carvana made it convenient.

Car buying that fits around your life, not the other way around.

You can get pre-qualified for an auto loan in just just a couple of minutes and browse thousands of quality car options, all within your terms, all online, all on your schedule.

Turn car buying into a few clicks and not a full week's endeavor.

Finance and buy your car at your convenience.

On Carvana.

Financing subject to credit approval.

Additional terms and conditions may apply.

You're deep into your favorite true crime binge.

The twist, the theories, and suddenly, hunger hits.

Grab a Paleo Valley 100% grass-fed beef stick.

These aren't your average gas station snacks.

They're made from real beef sourced from regenerative, small American family farms.

No preservatives, no gluten, no grains, soy, or sugar.

Just naturally fermented protein that fuels your obsession.

Whether you're road tripping, hiking, or pulling an all-nighter with your favorite case.

Choose from five bold flavors, original, jalapeno, summer sausage, garlic summer sausage, and teriyaki.

They're keto, paleo, and carnivore-friendly, made to work work with your lifestyle, not against it.

With over 55 million sticks sold and a 60-day money-back guarantee, you've got nothing to lose.

Get 15% on your first order at paleovalley.com.

Just use code Paleo at checkout.

The code that struck Natan's was a work of engineering bravado every inch as much as the centrifuges it was designed to destroy.

The first thing the Iranian engineers heard was a screeching sound.

That's the machine skidding round inside its case as it loses control.

By this point, if your control panel has not warned you of a problem, it's already too late.

You'll hear one machine taking out the next and the next like dominoes.

There was no explosion, just a clatter as the delicate, precious machines destroyed each other.

The Iranians had already been seeing smaller problems.

Machines were failing, parts breaking down.

It was not always clear why.

Was it poor engineering standards, bad parts or designs?

No sooner would one problem be fixed than more centrifuges would go awry, forcing them to be stopped and checked.

What they did not know was that a hidden hand was remotely manipulating the controls to take advantage of the delicate nature of the devices.

Welcome to the Rest is Classified.

I'm David McCloskey.

And I'm Gordon Carrera.

And that, dear listeners, you will of course recognize as Carrera in prose.

That is Gordon Carrera writing in his book, Intercept: The Secret History of Computers and Spies

about

a terrible set of accidents at the Natan's enrichment facility in Iran.

Gordon, you're, of course, going to have to set this up, but we are getting in that rich paragraph a sense of the impact of this really history-altering cyber weapon that is developed as part of Operation Olympic Games.

Last time we looked at the Iranian nuclear program, particularly the site at Natanz filling up with centrifuges to enrich uranium obtained from Pakistan's nuclear salesman, Aku Khan, and this dilemma for Western governments, you know, what to do about it, whether to let Iran go nuclear or launch a military attack.

President Bush wanting that third option, and that's what we're going to be looking at this time, this third option, which is going to be a cyber attack.

I guess it's the origin story of what we think of as cyber warfare and cyber attacks.

And as you described there, Gordon, in that prose, this is so, I guess, history-altering because it is a cyber attack that bleeds into the physical world.

It is not merely dealing with zeros and ones on a screen.

It is physically leaping and affecting machines in the real world.

And that, I think, is why this covert action program to develop it can be compared to the Manhattan Project, because it is that impactful on the world today.

But of course, cyber network computers have been around for a little while prior to the early 2000s.

The vulnerabilities are sort of known prior to Natan's.

Yeah, I mean, people had actually been thinking about the fact that computers could be remotely accessed and that, you know, the code stolen or even altered as far back as the 60s.

In the 80s, you see the first signs of what is basically cyber espionage and people stealing data.

And actually, it's American computers which are the first to be on the internet.

So you start to see East German, Russian hackers trying to get into those in the 80s and the 90s.

And then you see American and British hackers, I'm led to believe, getting into foreign

allegedly into foreign scientific programs in the 90s when they go online and you can kind of access them over this this thing called the internet.

But all of this, you're right, is espionage.

Yeah.

There's information that is on these networks that previously might have been kept in safes, right, or somewhere physical that's now online or on these computer networks that spy agencies, criminals, whoever might want to access.

Yeah.

And that is different from, if you like, in the Hollywood version, cyber war or sabotage or whatever you want to call it, which is having a physical destructive effect through online means.

People start to think this might be possible around the 2000s.

And one of the first events is actually in Australia in 2000 when raw sewage starts to pour out from a treatment works in Queensland.

And they can't work out why.

And it turns out that the disgruntled worker who's just been sacked and who knew how the systems worked was dialing in and opening the valves to let the sewage out all over this poor town in Queensland.

So, you know, it's the insider threat.

Here's the kind of Snowden of cyber sabotage, but just in a sewage treatment works rather than the NSA in the 2000s.

The insider who does damage.

It's the same impulse.

It's the exact same impulse.

Yeah.

Let's not go back into Snowden.

I would love to, Gordon, but yeah, you're right.

Let's move on.

You get after 9-11, there's lots of kind of loose talk about, you know, is al-Qaeda, are the terrorists going to do cyber attacks?

The crucial thing, I think, to say is it's really hard to do.

It is not like the movies.

You know, the Australian engineer with those sewage treatment works was only basically able to do it because he'd worked in these sewage treatment works.

He knew the systems intimately.

He understood them.

And then he is, I think, physically sat in a car outside accessing it through a radio.

The idea that you could use a cyber attack to take down something much more advanced, something which you haven't got direct knowledge or access to, and is well protected, say, like an Iranian nuclear program.

Now that seems beyond capabilities.

But you know, that is what, as we heard last time, President Bush has said he wants that third option.

And this is a third option, because I guess the key thing about it is it could buy you time.

It's sabotage rather than warfare.

It's maybe now even hard, you know, 20 years later to understand how revolutionary this idea would have been, or frankly, just the capability, right?

We're not talking about making it harder to use the computers at Natalia.

Yes.

The equivalent in industrial terms of like taking a website down, right?

Or something like that, where you're dealing with a software problem that you can then fix and is presumably cleaner to fix, right?

What we're talking about here is actually getting into the physical infrastructure of the plant.

And we talked in the last episode about the centrifuges that the Iranians had acquired through bomb salesman AQ Khan.

And I would wager, Gordon, it's sort of an expensive lot of equipment and highly technically complex.

And so if Western intelligence services were able to wreck some of that machinery, you would potentially set the nuclear program back very significantly.

And I think the interesting thing about it is they're not necessarily trying to destroy the program.

They're trying to disrupt it.

They're trying to do it covertly to sabotage, to undermine it, and basically to buy time.

I mean, mean, that's what I think is quite interesting about this operation, is that it's not a kind of one shot where you're suddenly going to kind of blow the whole place up.

That's just not possible.

But the idea is to do something more covert without anyone knowing, without even the Iranians knowing they'd been attacked, let alone by whom.

So it's very different from a bomb being dropped or a kind of special forces raid into the site.

The good news is there's no risk, need to risk pilots or ground troops to do something like this.

And if you can do it through cyber means, there is this tantalizing possibility that you can delay and set back this program without the Iranians understanding why.

And I think that also makes it a very tempting option.

You can imagine if you're President Bush at this time and someone says, we can buy you time and slow down this program.

That is tempting, particularly, of course, when you've got the Israelis on your back who are saying, we want to bomb this, or you've got Netanyahu going, we want want to attack this.

We kind of set up some of this era when we did the episodes on Moss and Fakriza Day.

We talked about Meir Degan, who was the head of the Mossad at this period of time.

And it's probably worth situating him a little bit in this story because it does seem like the whole point from Meir Degan's perspective was to avoid an open war with Iran.

And so you want to slow the program down enough to create more options for you in the future.

In this period, I mean, the cyber component of Olympic Games, right, is a piece of it, but the Israelis are doing a whole bunch of other stuff too.

And this is the era where they start assassinating nuclear scientists, right?

And they start killing the people who are working with Mohsen Fakriz today.

And the kind of widespread nature of this shadow conflict, I think, is in part driven by the fact that the Iranians have quite ingeniously set up a target, a nuclear program that is dispersed across many different facilities, some of which are very, very hard to access physically.

And importantly, and this is what distinguishes it from the Syrian attempt to get the bomb or the Iraqi attempt to get the bomb, is it's kind of homegrown.

They get a lot of this stuff initially from AQ Khan, but the knowledge of how to do this stuff is in the heads of Iranian scientists, right?

And so the Israelis are trying to kill them, to slow the program down by making it harder for people to do the work.

And I also find it interesting because even within Israel, Mehr Dagan is ahead of Mossad at this time.

He is actually in variance.

He's not pursuing the same policy, if you like, that his prime minister wants, which is Benjamin Netanyahu, who wants to attack the program with a military strike.

And Mayor Degan is not up for that.

And he will talk about it after he's basically ejected from office later.

And so he is actually trying to stop his own prime minister, it feels like,

doing something which he thinks is dangerous, which is launching a military strike.

So he's invested in this idea, you know, at Mossad, that they could do a covert action to slow it down.

So he's also a bit like the American side, trying to kind of buy time and if you like, divert the pressure from going for a full military strike.

And I find that kind of interesting as well, because you do get a sense of the tension between...

and you often hear about it between Netanyahu and some of his own national security officials, because a lot of them at various times think this guy's going too far.

He's too hawkish on some of these issues.

And I think that was the case here.

And so what Mehr Degan is doing by pursuing Olympic Games and by even the assassinations is actually trying to buy time and avoid the military option.

And we should say that the U.S.

was not involved, at least as far as I can tell, the U.S.

is not involved in the assassinations.

There are pieces of this where Mossad and the agency or Mossad and Western intelligence are joined at the hip and then other places where they're not, right?

And where Mossad is pursuing its own operations, its own sense of Israeli security interests.

But there's an incredible overlap, I think, of interest, obviously, in stopping an Iranian bomb, but in, frankly, what is deemed as justifiable or worthy of the risk when it comes to sabotaging the physical components of the nuclear program.

Because the U.S.

at this point, Gordon, I think, has already tried to sabotage some of the program by kind of getting into the supply chain.

It's like they put some bad components and some kind of sabotage components into that supply chain,

including some, yeah, allegedly, including some power supplies shipped from Turkey, which explode.

But I think the Iranians then work out a problem.

It's kind of pretty obvious when a power supply explodes and you look where it came from, and then you kind of get it from somewhere else, or you find a different way of doing it.

So I think they're working out that that kind of traditional covert action or sabotage has its limits when Iran is protecting and kind of trying to build its nuclear program very much under its own auspices rather than bringing in material elsewhere.

And so, you know, this option of the cyber attack becomes suddenly possible and quite tempting for both the US and some of those in Israel, I think.

But it is ambitious.

You know, it's something that has never been done before.

And you've got to work out how you're going to translate something which is on computer code that you're developing into a physical destructive act within this very closed and secretive nuclear program.

Well, and this gets back, Gordon, I mean, in the last episode, you gave us a wonderful tutorial on centrifuges.

And I guess we're back to the centrifuge, the large rows of hot water heaters that are sitting in the basement at Natan's.

These are the targets, right, of the cyber weapon that is going to be developed.

And the key reason is they are obviously the thing which is enriching uranium.

And crucially, they are these incredibly complex bits of engineering.

The rotors inside them, you know, to separate the uranium-235 from 238, it spins so fast, fast it's faster than the speed of sound supersonic faster than the fastest fighter jet that's the speed at which that rotor is moving you know it needs to be made out of a special metal to be able to withstand the kind of stress it needs to be perfectly balanced this rotor on a kind of ball bearing it's incredibly delicate and fragile the uranians would find if you don't wear gloves when you assemble them and you get some dust on these rotors, they're spinning so fast, just that dust will cause an imbalance on the rotors rotors and it will spin off and then smash into the kind of casing in which it is.

So you have to maintain the speed of that rotor perfectly as well.

You basically can't switch them off very easily.

And it mustn't vibrate, it mustn't get any kind of dirt inside it, the slightest imbalance in this system, and it can spin out of control.

And then what happens is it crashes into the casing and then because they're in a cascade, all these centrifuges together, one will potentially crash into the others like dominoes and you can take down a whole cascade of centrifuges so they are incredibly vulnerable bits of engineering so if you start from the idea that you want to wreak havoc on this centrifuge cascade at natan's and you want the iranians to be confused about what's happened you don't want something to go boom and then they go back on the supply chain and say oops we're not buying from the supplier anymore you want there to be this perpetual sort of confusion about what's happening i mean it seems like first first off, you need a pretty detailed understanding of the facility at Natans and exactly how it's laid out and exactly what type of machinery and software it's using to run the place, right?

I mean, you need a lot of information to even get started.

And all the signs are that pre the deployment of the code that's going to cause the damage, there are a couple of stages of more traditional espionage.

And there's a couple of very advanced espionage tools called, I think, Flame and Dooku, which are the kind of, you know, the hacker names for these packages which get inside the system.

And they are basically there to just collect the data about what the system is and how it's working.

We don't entirely know which countries were involved in that.

I think US-Israel looks like definitely some signs, maybe some other countries as well.

One of the interesting questions about that, who knows if the Brits might have had some involvement at that stage, in some suggestions of it.

Of course, they wouldn't confirm it.

But this is still espionage you see and you could imagine everyone saying well we need to understand this espionage but then the next bit which i think is really interesting so even if you know what the centrifuges are and how the system is configured you need to be sure how to have an effect on them what code would allow you to have a physical impact on them and this is where we get back to i'm not sure he is a friend of the show because i think in terms of hero or villain i think aq khan is i don't think we can play that game with him i think he's in the villain category sorry pakistani patriots who love him as father of their bomb.

Now, you raise a good point, Gordon, which I'm sure will be an ongoing conversation, which is, if you are a villainous character, can you actually be a friend of the pod?

Or is it just you've got to be a kind of a straight shooter?

I don't know.

I think we need to think about that.

You have to give me an example.

But I think AQ Khan, I mean, I don't think he we should, as we say it out loud, I don't think he can be a friend of the pod.

No, no.

Last time we explained how he had sold some of the equipment, some of the designs for centrifuges to the Iranians, and they're going to basically copy those.

They are going to use those designs.

And the crucial thing is in 2003, the AQ Khan network gets taken down.

Again, we'll do that another time.

Amazing story.

Involves the interception of some components, which the Khan network was selling to Libya.

The US will get Pakistan to put AQ Khan under house arrest.

Libya will give up its program.

Now, The interesting bit is that means the US will get hold of a whole load of the centrifuges, what were the P1 and P2 centrifuges, but which are identical to the IR-1, Iranian one and two centrifuges that Iran is developing.

And these centrifuges are going to be shipped back to the national security complex at Oak Ridge Lab in Tennessee, which is one of those U.S.

national security labs, isn't it?

That's right.

And it is essentially the centerpiece of the U.S.

nuclear stockpile, right?

And a tremendous amount of the research on the maintenance of that stockpile, the procurement of it.

I think the kind of locus point for that is Oak Ridge, Tennessee.

So it's a be a natural place if you were an officer of a Western intelligence service who was really interested in sabotaging the Iranian nuclear program to kind of go down there and have a look.

Have a look at these centrifuges and understand how they work.

And how you might be able to play with them.

Right.

Yeah.

And just kind of play around with them for a little while.

Yeah.

What's amazing is that Khan has supplied the centrifuges to Iran and then by his network being broken down, there's an opportunity because the US can build its own replica of the kind of enrichment cascades that are being used in the tants with the same controllers, the same hardware around these centrifuges and work out how to sabotage them effectively.

And they can work out what will lead them.

to crash and supposedly they had a cage where they could watch them and toy with the controls and work out what would make them crash and break, making this awful screeching sound.

And the Israelis are also doing something very similar, it seems, making a scale model of the Natanz enrichment facility set up at Demona, which is their nuclear power facility out in the desert.

And they are building their own also replica of Natanz.

You've got both sides trying to understand what is going on in this kind of cavernous site at Natanz and how the centrifuges specifically work and what you could do to them.

Spy agencies love a good scale model.

It reminds me of the replica built of the bin Laden compound, right, at Abbottabad that the SEALs trained.

Do they have like modelers?

No, they do.

They recruit people.

Because, you know, you get people who love.

I met someone the other day who loves scale models and they were showing me pictures of a scale model village and something like that.

And then do you think, you know, if you get recruited and someone says, you're a really good scale model village builder?

Do you want to come here and build models of nuclear compounds and terrorist compounds for the CIA or Mossad?

I guess they do.

The ones that I met worked at the National Geospatial Intelligence Agency, NGA.

There'd be a natural connection between the imagery and the modeling.

And the modeling.

So they had a team of modelers there who would, who, that was their job.

That's a great job.

That's like the best job.

Yeah.

I'm not even into it, and I want that job.

But I would be discovered on day one as an incompetent, incompetent modeler.

Well, so Gordon may be there with scale models all over the place of Natans and alleged Western intelligence services practicing destroying centrifuges.

Let's take a break and when we come back, we will see how they code this destructive cyber attack that's going to change the history of the Middle East.

See you after the break.

Packages by Expedia.

You were made to occasionally take the hard route to the top of the Eiffel Tower.

We were made to easily bundle your trip.

Expedia, made to travel.

Flight-inclusive packages are at all protected.

Charlie Sheen is an icon of decadence.

I lit the fuse and my life turns into everything it wasn't supposed to be.

He's going the distance.

He was the highest paid TV star of all time.

When it started to change, it was quick.

He kept saying, no, no, no, I'm in the hospital now, but next week I'll be ready for the show.

Now, Charlie's sober.

He's gonna tell you the truth.

How do I present this with any class?

I think we're past that, Charlie.

We're past that, yeah.

Somebody call action.

Aka Charlie Sheen, only on Netflix, September 10th.

Tires matter.

They're the only part of your vehicle that touches the road.

Tread confidently with new tires from Tire Rack.

Whether you're looking for expert recommendations or know exactly what you want, Tire Rack makes it easy.

Fast, free shipping, free road hazard protection, convenient installation options, and the best selection of BF Goodrich tires.

Go to tire rack.com to see their BF Goodrich test results, tire ratings, and reviews, And be sure to check out all the special offers.

TireRack.com, the way tire buying should be.

Well, welcome back.

Gordon, we've talked about the centrifuges and the physical destruction, but you have to, I guess, design a code, right, that will actually have an impact on those centrifuges.

And so there's a software coding component to this that is really, really critical.

And it's thought to be done by the US and Israel, primarily.

Those are thought to be used.

Allegedly.

And we should say again, this is all in the public domain here, right?

But nobody's taking ownership of Olympic Games.

But they're writing this code, which has got to be covert and it's got to be really precise.

And it's interesting because,

believe it or not, we're not going to get deep into the specific types of code that were going to be used.

I could, but I just thought, you know, too shy.

Show off my knowledge of coding.

Last time I coded was, I think, in the 1980s using basic computer language.

If you remember, you're too young, David, to know what basic was on a Commodore BIC-20 computer.

You're probably too young to know what that is.

I am too young to know what that is.

That's my coding knowledge.

I do understand a little bit, but not.

You were not recruited to help Western intelligence in its efforts to sabotage the Iranian nuclear program.

No, me playing jetpack on my computer did not qualify me to be a top cyber hacker.

But by 2007, they've got some code ready.

And it's worth saying, there's actually not going to be just one one cyber attack.

And that's actually going to be important for our story.

There's going to be multiple, and they're going to be varied and covert to sow confusion.

And the code is kind of stealthy, designed to work over an extended period without being spotted, rather than being a single strike, which takes it down.

And the way to think of it is as two things, a delivery system.

which is, if you like, the missile, which is going to get you into the target, and then the payload, the warhead, which is actually going to do the damage.

And the aim of the

Olympic Games code is to be very, very targeted in its delivery system.

Because they create code which is looking for something called a programmable logic controller, a PLC.

And the PLC is used to control industrial facilities.

So it's a small computer which you have at things like sewage plants, gas pipelines, train signaling, anything industrial in a factory, air conditioning, even in a building.

They're not built with huge amounts of security in mind.

They just control a physical process.

So they're the controlling system.

And the coders are going to design something which is looking for a very specific one of these PLCs built by the German company Siemens, a specific PLC and one that's operating in a very specific setup.

So you're not just after a specific PLC, but in a particular configuration, which is effectively unique.

Because, going back to the espionage bit they've already done, they've worked out the exact controllers, the exact configurations, what everything's connected to at Natanz, and they are targeting it for that.

None of this, the covert nature of it, the precision would have been possible without what was probably an extended phase of reconnaissance, right?

Digital reconnaissance to map out exactly the structure, the architecture of all of the systems running at Natan's, right?

I mean, you couldn't develop either the, you know, to use the weapon terminology, the missile or the payload without the really detailed map of the facility.

But you've got a problem when it comes to the delivery, because these industrial control systems are not connected to the regular internet.

You know, companies have corporate networks, which are connected to the internet and can be accessed from anywhere and then hacked, but these industrial systems are not.

And then Iran has also taken extra steps, unsurprisingly, given it's a nuclear program, to air gap them so that there are no direct connection points to the regular internet.

So, the question is, how do you get the code in there?

Do you get that code in there, right?

Sounds like you need a human to me.

It sounds like you might need a human.

You hear a lot of people saying, Oh, you know, don't need those human spies anymore.

You know, don't need humans in the world of cyber espionage.

You can steal all the secrets online.

And I do remember, you know, in the early 2000s, I think a lot of the kind of human, humint guys, you know, the CIA and MI6 people, were a little bit insecure, I think, you know, as the arrival of cyber espionage came because it's like you want to get secrets from that safe or that computer.

You don't need to bribe the person running the office anymore or, you know, recruit an agent to steal in it.

You just go online.

You just need a sun-deprived guy eating Pop-Tarts sitting behind a computer screen, right?

You just need Neddy Snowden, you know, to go and

steal the stuff.

And I think there was a bit of insecurity.

I mean, I think there was in the early 2000s that the cyber guys were going to take over and there was no need for these

human operators.

How wrong they were.

You still need a meat sack, right, Gordon?

I've never heard that phrase.

Really?

No.

Meat space.

I know meat space.

Cyberspace and meat space.

Yeah, well, who sits in the meat space?

It's the meat sacks.

It's the humans.

Meat sacks.

So you're going to need a meat sack because you've got to get that coded over what's called an air gap, which means it's not connected to the systems.

So, yeah, you need a person.

So it's thought that what they do is draw up lists of companies and engineers

who might have some kind of access to Natants and to the Iranian nuclear system.

Then the idea is you're going to be able to perhaps feed them a USB stick, which they are going to connect onto their laptop and then into an Iranian air gap system.

and plug it in because there are a lot of systems there which require updating.

It's a fascinating part, I think, of espionage these days.

And it's something which I think people don't realize is that melding of kind of cyber and human espionage.

And this is a good example of that, it looks like.

Well, there were even reports that the Dutch were involved in this part of it, right?

There was a Dutch engineer, I think, who went in and out of Natan's and who may have been involved.

Yeah.

Initially, after all of this became public, people were wondering, you know, was it a witting or unwitting engineer?

How did it get in?

What was the method?

Then quite recently, there was this report, which came out of Dutch media, that there was an individual who worked on the water pumps at Natanz, who was a Dutch engineer.

He had an Iranian wife, and that he had somehow been recruited by Dutch intelligence, the AIBD, back in 2005,

and that he might have been the one to introduce.

the virus and the code into the system on one of these visits.

Although I think the suggestion is he and maybe even the Dutch may have not known what the actual purpose was.

You could imagine the Americans or the Israelis or someone telling the Dutch, we just need to get this code into the system to do some espionage.

And you can imagine this engineer going, could you put this in, you know, help us out.

You don't want to be the meat sack who gets sent into Natan's to like stick a USB drive into a computer, right?

That doesn't seem like a great job to have in this whole game.

Yeah.

All we'll say about this engineer is he then dies in a motorbike crash two years years later near his home in Dubai.

Now, I mean, look, that could be entirely innocent.

I'm not suggesting it's anything worse, but the guy who was involved is not around anymore to explain what happened.

Is this the first appearance of the Dutch AIVD on the podcast?

This is another like semi-obscure intelligence agency that's that's appeared.

For those keeping track, welcome to the program, to the AIVD, the Dutch external service.

Because we've got the bingo cards, haven't we, of Intel services?

Yeah, exactly.

If you put the Dutch AI V D in the middle of that bingo card, you are now, you're rolling.

I'm just imagine someone sitting on a train and going, bingo, as they're, you know, they're listening to this podcast where they finally realize they filled in there, filled in their card.

And everyone go, why are you shouting bingo?

Anyway, well done.

If that's you.

It's 2007, though, right, Gordon?

And the very first variant of this virus is ready to be unleashed on the Tons.

And the first attack, at least the first one we know about, looks like it targets the valves that transfer the uranium gas from one machine to the next, including the isolation valves that protect the centrifuges from faults.

And the code which has been introduced into the system understands and finds its target.

And it's really interesting because it closes one set of valves.

So the pressure in the machine grows as the gas builds up.

Then it opens another set of valves, which dumps the gas out of the tank to waste it.

Now, it's really kind of interesting because it would do this for a couple of hours and then reset itself.

That sounds confusing if you're the Iranians watching this, right?

Because again, it's not like you've bricked the computers and just turned them off.

It's not like you've blown up the valves.

It's not like you've done something really obvious to them.

You've just changed the flow of gas for a while, causing some of it to be wasted.

And you just do this at periodic points.

And I just think it's clever, isn't it?

Because it is not obvious that something going wrong.

And we should say that the flow here was that, let's say, a meat sack put a USB drive into a computer on that closed network, right?

The virus, unbeknownst to anyone on the Iranian side watching this, escapes, but it's not on presumably anything close at that point to the PLCs that run the centrifuge cascade.

So that that virus has found a way.

It's looking for its target.

It's looking for its target.

It then finds its way to the PLCs that control these cascades, and it is then manipulating

the PLC, which is kind of the interface between the digital world and the physical reality of the centrifuges, right?

So it's remarkably complex.

I think it's just worth restating that because it's not like all of a sudden someone in Tel Aviv opened up a screen.

and they're just running those PLCs, right?

I mean, it's gone through this long process to get to its target.

The covert bit of it is what I find fascinating because there's one really kind of clever bit of the operation, which is the code also records what the normal operation of the centrifuges looks like for two weeks.

And then when it starts playing with the centrifuges and those valves, it plays back to the operators the normal flow of data as if they're operating normally.

So we talked about the valves changing, so the pressure is building up.

But if you're an operator, you don't see that.

It looks totally normal.

Because you're being replayed old data of when it was running normally before the code switched it on.

The parallel is in, I think it's Oceans 11, isn't it?

Where there's a bank of CCTV cameras.

You must have seen Oceans 11.

Yeah, yeah.

I have seen it.

Just checking, not like that.

I was too young, Gordon.

I was too young.

Where they're going to do the heist of the vault beneath the casino.

And what they've done is they've recorded the normal operation of the CCTV cameras where nothing's happening.

Right.

And then when they're in doing the heist, they play back normal.

And so the CCTV operators think, you know, everything looks fine until suddenly the picture shows your kind of vault empty of all the money.

I mean, it's, you know, it's that bit of it, I think, which is just frankly brilliant.

It's brilliant.

Yeah.

I mean, again, it ladders up to like, what's the goal here, right?

The goal is time.

And confusion or just not even being aware that your program is being sabotaged while it's being sabotaged is ideal, right?

That is exactly what Western Intel wants out of this.

It does make me think, Gordon, have you seen the movie The Sting?

Yeah.

Classic.

Classic.

It's Robert Redford and Paul Newman.

Paul Newman.

And the premise, right, of this whole wonderful film is how do you con somebody and then at the end, they don't even know they've been conned, right?

That's the most effective con.

And it makes me think of this, which is how do you sabotage a program and the Iranians don't even know that anyone has sabotaged the program, right?

It's an absolutely brilliant piece of tradecraft here.

And you can imagine, you know, what it must be like for those Iranian engineers, because suddenly not enough uranium is coming out.

There's centrifuges, gas is getting dumped out, but all their controls are telling them they're operating normally.

You're going to start pulling the stuff apart.

You're going to kind of start wondering, is it a problem with our controls?

Is, you know, our sensors mistaken?

Is one of our colleagues, you know, mucking around with this?

There's no obvious reason why it's not working as it should do.

And you could just imagine this is just going to kind of sow confusion, doubt, chaos.

You've got to pull everything apart.

Probably have to pull apart every bit of sensor as well as the centrifuges to try and understand, you know, why they're not working.

I mean, that is going to slow a program.

And you're not going to find anything because, you know, you don't realize that you could be doing this remotely through code.

code.

It is amazing.

So they're constantly taking these centrifuges out of action.

And of course, they've had problems before.

The P1 centrifuges were a bit dodgy.

So it's plausible they're just badly engineered.

You know, they actually learn not to trust the instruments, the control panels, and they ask people to go and watch the centrifuges.

It's not how you want to run an industrial facility.

We don't look at the controls because they don't tell us what's going on.

We need someone with eyes on, you know, go and radio back and tell us what's going on.

So in that sense, Olympic Games, it looks like it's working.

Well, and maybe there, Gordon, with the virus unleashed on Natans, we should stop.

And next time, we will look at how really the stakes get raised in this entire program as the Iranian nuclear program becomes more ambitious, as does

this covert effort to bring it down and stop it.

We should also note, though, Gordon Wright, that you don't have to wait for that episode.

You don't have to be delayed like the Iranian nuclear program.

That's right.

Don't be the Iranian nuclear program.

Don't be an engineer wondering what's going on, what's going to happen next.

Be ahead of the curve and join the Declassified Club at therestisclassified.com where you get early access to all the episodes in this series and future series and crucially also bonus episodes.

And we've got a cracker coming up, haven't we, on Friday?

We've got an interview we've done with none less than David Petraeus.

That's right.

Wonderful conversation with Director Petraeus, who was the CIA director actually when I was there.

And talked with him about that, talked with him about what's going on in the world, talked with him about the agency.

Really brilliant stuff.

Great interview.

And we'll be dropping that on Friday.

So sign up at therestisclassified.com, and we'll see you next time.

See you next time.