Sabotage Reportedly Shut Down Iran’s Natanz Uranium Enrichment Site
In what appears to be an act of sabotage, Iran’s Natanz uranium enrichment facility was shut down on Sunday, April 11. An explosion at the facility reportedly caused a power failure. US and Israeli intelligence officials said that Israel played a role in the incident. The Natanz facility was shut down a decade ago by the Stuxnet worm.
Not a lot of details out on this one yet, but an important reminder on two fronts. The obvious one is for power system and other critical infrastructure operators to take immediate action to reduce exposure to similar attacks. But, a broader reminder that back in 2010 the Stuxnet malware attack caused spillover that impacted financial systems and many other networks – good reason for an accelerated push to make sure essential security hygiene deficiencies are addressed rapidly.
The take-away is to make sure that critical infrastructure is properly protected from cyber-attack. Control systems need to be properly isolated and never directly accessible from the Internet. Further, not only restrict access to known trusted systems, but also monitor that access for anomalous behavior. Make sure that supporting systems, such as power and cooling are similarly protected and monitored. Lastly, practice good OPSEC. One of the take-aways from the Stuxnet incident was that PR photos in front of the control systems were used to reveal the technology used allowing that attack to be very accurately developed and targeted.