In early April, municipal workers at a water pumping station in central Israel noticed a warning from their computer systems — a few pumps had been malfunctioning, turning off and on without being told to.
At first, it seemed innocuous — water pumps are finicky and the malfunctions did not seem to disrupt the supply — but within hours, investigators found something more ominous.
A piece of Iranian-written code had travelled around the world, passing through servers in the US and Europe to hide its origins, and finally to the commercially manufactured software controllers that operated the water pumps, according to four Israeli officials and a western intelligence official briefed on the findings.
Its suspected goal? To trick the computers into increasing the amount of chlorine added to the treated water that flows to Israeli homes, the western official said.
An Israeli official said the suspected attack — the latest salvo in the four-decade hostility between the two countries — had opened the door to “an unpredictable risk scenario”. The official added that it had created a precedent for tit-for-tat cyber attacks on civilian infrastructure that both countries have so far avoided — and may still be keen to avoid.
An Iranian regime insider dismissed the allegations.
“Iran cannot politically afford to try to poison Israeli civilians. And even if Iran did so, where is the Israelis’ appropriate response?” the regime insider said. “Our suspicion is that Israelis want more money from the US and made up the whole thing. But the Americans are no idiots.”
Alireza Miryousefi, spokesman for Iran’s mission to the UN, said Iran’s cyber activities “are purely defensive and protective”.
“As a victim of cyber warfare . . . and other cyber sabotages, we know well how destructive it can be,” Mr Miryousefi said. “We have been continuously a target by malevolent forces, and will continue to defend against any attack.”
Both governments regularly accuse each other of nefarious activities and engage in propaganda.
The alleged Iranian cyber attack on the water plant could have triggered fail-safes that would have left tens of thousand of civilians and farms parched in the middle of an Israel heatwave, as the pumping station shut down when the excess chemical was detected. In the worst-case scenario, hundreds of people would have been at risk of becoming ill, said the western official, whose government was briefed on the attack.
“It was more sophisticated than they [Israel] initially thought,” the official said. “It was close to successful, and it’s not fully clear why it didn’t succeed.”
Israel is now braced for further cyber attacks.
“Cyber winter is coming and coming even faster than I suspected,” Yigal Unna, the head of Israel’s National Cyber Directorate told a conference last week, without mentioning Iran’s alleged role in the suspected attack on the water station. “We are just seeing the beginning — we will remember this as a changing point in the history of modern cyber warfare.”
Israel officials said the Jewish state retaliated last month for the alleged Iranian attack.
Under orders from Naftali Bennett, then acting defence minister, Israel carried out a small, but sophisticated attack on the Shahid Rajaee Port, which handles nearly half of Iran’s foreign trade, according to two of the Israeli officials, who asked not to be identified because they were not authorised to discuss the issue in public.
“It was small, very small — like a knock on the door,” said one official. “Think of it [as] a gentle reminder. ‘We know where you live.’”
Neither Israel nor Iran have officially acknowledged targeting each other’s civilian infrastructure, nor have they publicly described the severity of the cyber attacks.
The Iranian regime insider said: “Iranian ports are usually chaotic and disruptions happen.”
The Washington Post first reported the Israeli attack on the Iranian port, citing US intelligence officials. An Iranian government statement said Tehran was investigating the possibility of a cyber attack at the port.
Striking at Iranian civilian infrastructure was an escalation taken at the behest of Mr Bennett, who insisted on a visible response to the suspected attack on the water infrastructure, according to two Israeli officials. At the time, Mr Bennett’s tenure as caretaker defence minister was close to ending, as a new Israeli government had been agreed upon, but not sworn in.
Mr Bennett, who served in an elite military unit, and is considered more rightwing than prime minister Benjamin Netanyahu, demanded a list of targets from the Israeli military, said two of the Israeli officials. His office declined to comment.
The Israel Defense Forces has a small cyber security unit specifically dedicated to probing enemy defences, including a still unclaimed attack using malware that ended up crippling Iran’s centrifuge program around 2010 that is widely attributed to Israel.
The port was “roughly in the middle of the page of options,” said an Israeli official. “Any disruption would be economic, nobody’s safety would be placed at risk, they would be reminded we are here, we are watching.”
It is unclear how successful the attack was in disrupting the port’s activities, which are already chaotic due to sanctions that have crippled Iran’s economy. The western official said he was shown evidence of lines of trucks waiting to enter the port as the authorities sought to fix the damage.
“So Iran may have caused a temporary water shortage, and Israel may have caused a temporary traffic jam,” the official said. “In the grand scheme of things, it’s nothing. But it never stops at that.”
This post was created with our nice and easy submission form. Create your post!