To substantiate its claim, the group released several files, photos, and documents allegedly verifying the breach under the title "Operation Octopus".

Following an inquiry by Israel Hayom, Bennett's office initially stated that he was "unaware of such an event." However, after political commentator Amit Segal reported that the phone had indeed been breached, Bennett's team rushed to issue a statement clarifying that the matter was being handled by relevant security and cyber officials and that the device in question is not currently in use.

Bennett did not stop there and issued yet another clarification, suggesting it is possible the phone was not breached at all. Amid the confusion, Israel Hayom contacted Shai Nahum, CEO of the tech firm CYGHT and a cyber warfare expert.

"According to forensic analysis of the leaked files, there is a high probability that this is not Bennett's phone, but apparently that of one of his associates," Nahum said.

He noted that the leaked photos and video clips had been processed by editing software known as Handbrake, "most likely to change the video format and edit various data points, including metadata."

Nahum added that an analysis of the leaked contact list indicates it does not belong to Bennett himself, but rather to someone likely close to him. For example, contacts are saved under names such as "Bennett's Minister," "Revital Bennett Comms," and even "Naftali Bennett."

"It appears there is an attempt here to portray Bennett as weak, as someone who does not know how to deal with cyber threats or analyze risks properly," Nahum emphasized. "It is understood that this is a group with political and regional interests operating under Iranian sponsorship."

"Sophistication level has risen"

Itay Schwartz, co-founder and CTO of the cyber company MIND, added: "Even before asking if Bennett's phone was truly hacked, one must understand what this event signals: The level of sophistication of cyberattacks in our region has risen dramatically. In recent years, we see actors like Hezbollah and Iran improving capabilities, after the Syrian Army's cyber unit also operated here for years. The enemy is simply improving.

"From the details published, it seems this is an old device that was not updated – exactly the type of weakness attackers know how to exploit. But it is important to emphasize: Even if there was a hack here, it does not mean the hackers received full access to all information. The moment an attacker enters a personal device, he can try to spread to additional assets, because everything is connected, but there is no certainty he succeeded," he added.

"The central lesson is that information security no longer stops at the device itself. A single civilian device today holds huge amounts of sensitive, personal, and sometimes classified information. To prevent such events, one needs not only to protect the phone – but to detect early when information starts moving to a place it shouldn't reach," Schwartz concluded.

The post Iranian hackers claim breach of former Israeli PM's device appeared first on www.israelhayom.com.

The cyber intrusion group that targeted the president's campaign operation during 2024 has asserted possession of approximately 100 gigabytes worth of electronic correspondence that could potentially be disclosed, according to Reuters' Monday reporting. Operating under the alias "Robert," these digital attackers have declined to reveal specifics regarding the correspondence contents or provide timelines for any potential publication, the news organization reported.

This latest intimidation emerges during heightened US-Iran tensions following Trump's authorization of American military strikes against the country's nuclear installations in June. Trump had declared the attacks resulted in "total obliteration" of the facilities, though the United Nations nuclear monitoring agency chief stated Sunday that the assaults failed to eliminate Tehran's nuclear capabilities, noting the country could resume uranium enrichment "in a matter of months."

Newsweek confirmed that this same collective had previously distributed certain electronic messages during the period leading up to the US presidential election last year. Through digital conversations with Reuters, the group indicated they had also acquired electronic communications from accounts belonging to Trump legal representative Lindsey Halligan and adult entertainment performer Stormy Daniels, who reportedly received $130,000 for executing a confidentiality agreement concerning an alleged relationship with Trump.

The US Cybersecurity and Infrastructure Security Agency (CISA) declared late Monday that a "hostile foreign adversary is threatening to illegally exploit purportedly stolen and unverified material in an effort to distract, discredit, and divide." The White House and Iran's United Nations mission have been contacted by Newsweek via electronic correspondence for their responses.

This revelation underscores Washington's continued struggles with international interference directed at the executive branch. During September proceedings, the US Justice Department under the Biden administration formally charged three Islamic Revolutionary Guards Corps members with orchestrating a data breach that failed to influence the presidential contest. The cyber collective remained silent regarding these accusations, while Tehran has consistently rejected any involvement in digital espionage activities.

CISA representative Marci McCarthy characterized the digital intrusion as a "calculated smear campaign" designed to harm the president. FBI Director Kash Patel issued a warning through Reuters, stating: "Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law."

Reuters verified portions of material from the earlier disclosure, which surfaced before the presidential election. The documentation, containing electronic messages from various accounts including Wiles', was distributed to media professionals. One electronic communication reportedly outlined financial arrangements between Trump and legal counsel representing Robert F. Kennedy Jr., Trump's nominee for health secretary. Additional correspondence addressed settlement discussions with Daniels, according to the news organization.

Reuters reported that the cyber attackers claimed they had no plans to release material after Trump's election to his second White House term. However, their position shifted following Trump's intervention in the intensifying Iran-Israel conflict after 12 days of armed confrontations. The group told Reuters they wanted the news agency to "broadcast this matter."

The post Did Iran manage to hack sensitive Trump emails? appeared first on www.israelhayom.com.

A cyberattack on Sunday disrupted access to Iran's privately owned Mahan Air, state TV reported, marking the latest in a series of cyberattacks on Iranian infrastructure that has put the country on edge.

Follow Israel Hayom on Facebook and Twitter

Mahan Air's website displayed an error message saying the site couldn't be reached. The carrier said in a statement that it had "thwarted" the attack and that its flight schedule had not been affected, adding it has faced similar breaches in the past.

"Our cybersecurity team worked with total efficiency to thwart the attack. For us, this was a routine incident, and this was not the first time attacks like this have taken place," a Mahan Air spokesperson told the country's Fars News Agency.

Many customers of Mahan Air across Iran received strange text messages on Sunday. A group calling itself Hoosyarane-Vatan, or Observants of Fatherland, claimed in the mass texts to have carried out the attack, citing the airline's cooperation with Iran's paramilitary Revolutionary Guard. The self-described hacking group did not provide any evidence.

Mahan Air flies from Tehran to a few dozen destinations in Asia, Europe and the Middle East. The United States Treasury Department, which polices compliance with sanctions, blacklisted the airline in 2011 for allegedly "providing financial, material and technological support" to the Revolutionary Guard's elite Quds Force, responsible for the Islamic Republic's campaigns abroad. The Treasury has accused Mahan Air of ferrying weapons, goods and personnel to Hezbollah in Lebanon.

Major cyberattacks have struck various Iranian systems in recent months, with one in October crippling gas stations across the country, leaving angry motorists stranded in long lines unable to use their government-issued cards to buy subsidized fuel. Without naming a specific country, Iranian President Ebrahim Raisi blamed the hack on anti-Iranian forces seeking to sow disorder and disruption.

Another attack targeted the railroad system, causing mass confusion with scores of trains delayed and canceled across Iran.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Iran's Mahan Air targeted in cyberattack appeared first on www.israelhayom.com.

Hours after leaking the personal details of users of an LGBTQ dating app, Iran-affiliated hacker group Black Shadow continued to wreak havoc Tuesday night as it released private information on nearly 300,000 Israelis receiving medical treatment at the Mor Institute, including patient requests and test results.

Follow Israel Hayom on Facebook and Twitter

Patients' credit card information does not appear to have been leaked at this time.

Black Shadow also published information on some 30,000 registered users of 103FM Radio's website and nearly 500,000 customers of Locker Ambin Ltd.

As was the case in the Atraf leak, the hackers shared the information via an Excel file shared with a new group they created on Telegram. The hackers also provided links allowing others to download information obtained from the Atraf app. The messaging app was forced to take action on the matter after being ordered to do so by the State Attorney's Office.

On Friday evening, BlackShadow announced it had hacked the servers of Israeli internet company Cyberserve. The hackers shuttered the company's servers and threatened to leak data pertaining to hundreds of thousands of users.

Cyberserve is a web hosting company that provides servers and data storage for companies such as the Kan public broadcaster, the Israel Lottery, Taglit-Birthright, the Dan and Kavim public transportation companies, the Children's Museum in Holon, LGBTQ dating app "Atraf," tour booking company Pegasus, the Israeli Children's Museum, and dozens of other sites.

BlackShadow first surfaced last year, with a massive breach of Israeli insurance company Shirbit and later of KLS Capital. Information from both companies' clients was leaked in the days following the breach.

The group, which had threatened to leak the data obtained from Atraf if a $1 million ransom was not paid within 48 hours, claimed to have leaked the entire user database after its demands were not met Tuesday night.

Meanwhile, another group of hackers known as Moses Staff claimed to have broken into the databases of three Israeli engineering firms: H.G.M. Engineering, David Engineer, and Ehud Leviathan Engineering. Moses Staff leaked personal information of those companies' clients, including their identification numbers.

The hackers claimed to "have all of the data and projects of the engineering companies we breached, including maps, pictures of letters, contracts, and more. You can download some of this data from the link below. The company's information will be published gradually," they said.

Moses Staff previously claimed to have accessed information on Defense Minister Benny Gantz and released some of his personal photographs and documents.

Oded Vanunu, the head of Product Vulnerability Research at American-Israeli software firm Check Point, told Israel Hayom: "The full leak from the Atraf website should be a warning sign on the national level and on the level of the companies storing personal information on the Internet. The personal details of Israeli citizens are repeatedly being leaked following cyberattacks that could easily have been prevented. We should assume the information will be used for very precise phishing attacks by additional hacker groups around the world."

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Black Shadow leaks info on hundreds of thousands more Israelis appeared first on www.israelhayom.com.

Facebook blamed a "faulty configuration change" for a nearly six-hour outage on Monday that prevented the company's 3.5 billion users from accessing its social media and messaging services such as WhatsApp, Instagram and Messenger, and reduced Facebook CEO Mark Zuckerberg's personal wealth by nearly $ 7 billion.

Follow Israel Hayom on Facebook and Twitter

The company in a late Monday blog post did not specify who executed the configuration change and whether it was planned.

Several Facebook employees who declined to be named had told Reuters earlier that they believed that the outage was caused by an internal mistake in how internet traffic is routed to its systems.

Although it isn't confirmed, tech experts think that Facebook's DNS protocols – or in other words, how Facebook's data connects to users trying to find it – was taken offline, probably by accident although there is still an outside chance it relates to a cyberattack.

Experts say the code which tells servers where Facebook is – kind of like a postal address for computers – has been removed.

Therefore, though Facebook's app and website and all its data still exist, the servers that take users' internet browsers and connect it to Facebook's servers don't know where Facebook, Instagram or WhatsApp are anymore, or how to find their data.

The failures of internal communication tools and other resources that depend on that same network in order to work compounded the error, the employees said. Security experts have said sabotage by an insider was also both plausible.

"We want to make clear at this time we believe the root cause of this outage was a faulty configuration change," Facebook said in the blog.

The Facebook outage is the largest ever tracked by web monitoring group Downdetector.

The outage was the second blow to the social media giant in as many days after a whistleblower on Sunday accused the company of repeatedly prioritizing profit over clamping down on hate speech and misinformation.

On Sunday, Frances Haugen, who worked as a product manager on the civic misinformation team at Facebook, revealed that she was the whistleblower who provided documents underpinning a recent Wall Street Journal investigation and a US Senate hearing last week on Instagram's harm to teen girls.

Haugen was due to urge the same Senate subcommittee on Tuesday to regulate the company, which she plans to liken to tobacco companies that for decades denied that smoking damaged health, according to prepared testimony seen by Reuters.

Haugen also has filed complaints with federal authorities alleging that Facebook's own research shows that it amplifies hate, misinformation and political unrest, but the company hides what it knows.

As the world flocked to competing apps such as Twitter and TikTok, shares of Facebook fell 4.9%, their biggest daily drop since last November, amid a broader selloff in technology stocks on Monday and a 15% drop since mid-September.

According to the Bloomberg Billionaires Index, this has cost Zuckerberg the fifth position among billionaires. Now, he stands with $ 120.9 billion in sixth place, behind Bill Gates.

"To every small and large business, family, and individual who depends on us, I'm sorry," Facebook Chief Technology Officer Mike Schroepfer tweeted, adding that it "may take some time to get to 100%."

"Facebook basically locked its keys in its car," tweeted Jonathan Zittrain, director of Harvard's Berkman Klein Center for Internet & Society.

Twitter on Monday reported higher-than-normal usage, which led to some issues in people accessing posts and direct messages.

In one of the day's most popular tweets, video streaming company Netflix shared a meme from its new hit show "Squid Game" captioned "When Instagram & Facebook are down," that showed a person labeled "Twitter" holding up a character on the verge of falling labeled "everyone."

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

Inside a Facebook group for ad buyers, one member wisecracked after service returned that "lots of people searched today 'how to run Google ads for clients.'"

Facebook, which is the world's largest seller of online ads after Google, was losing about $545,000 in US ad revenue per hour during the outage, according to estimates from ad measurement firm Standard Media Index.

Past downtime at internet companies has had little long-term effect on their revenue growth, however.

Facebook's services, including consumer apps such as Instagram, workplace tools it sells to businesses and internal programs, went dark at noon Eastern time (1600 GMT). Access started to return around 5:45 pm ET.

The post Facebook blackout claims $7B of CEO Zuckerberg's wealth appeared first on www.israelhayom.com.

The Bank of Israel says databases it plans to establish with customer data will not include identifiable information. The central bank issued the statement after announcing plans to require commercial banks and credit companies to transfer information on their customers' activities over the last five years for the purpose of establishing a big data database.

Follow Israel Hayom on Facebook and Twitter

According to the Bank of Israel, the database's establishment will benefit the collection and analysis of a greater amount of data to increase efficiency in the financial system.

The Bank of Israel is also dependent on the increased use of big data by other central banks around the world. According to a recent report by the Bank for International Settlements, an international financial institution owned by central banks, around 80% of central banks around the world are discussing using big data, and "the vast majority" are focusing on "projects that involve big data."

Around 70% of this use concerns financial research, while 40% is used for policymaking, as some central banks use the data for both ends.

Nevertheless, the BIS statement does not say anything about central banks collecting data by obligating commercial banks and credit farms to transfer data. Nor has the Bank of Israel said anything about protecting user data or the possibility sensitive information could get out, either through a cyberattack or other means.

Last month, the Bank of Israel announced the establishment of another database, Mesila, for the "improvement of monetary and financial statistics" that is set to include detailed information on credit loans for the business sector.

The Bank of Israel claimed the new database "will not include identity cards, account numbers, and the like as these will automatically be erased as soon as the data is received and its use for researching the database is exhausted."

However, the bank later noted "identification data are necessary for initial receipt [of the data], for its construction from several sources of information. It is important to note that that this is a one-time, not ongoing report."

In essence, then, personal financial information will in fact be tied to identifiable details.

The Bank of Israel added that "following the exhaustion of financial insights from the database, the entire database will be erased and will not be preserved by the Bank of Israel." However, the bank did not provide a timeframe for how long it would take for these insights to be exhausted beyond saying "the collection of data from the banking system is carried out in accordance with the Bank of Israel Law, similar to other regularly received reports," it said.

"This report was carried out at the highest and most stringent standards for maintaining privacy, as was done in practice with the bank's database of credit date that has existed and been in operation since 2019," it said.

According to the Bank of Israel, "The current project is being carried out with the help of the bank's privacy commissioner, the legal department, and information security experts, additionally, on this issue, the Bank of Israel is working in accordance with Justice Ministry guidelines."

In addition, the bank defended the purpose for establishing the database, saying it saw great value in making more precise and correct decisions through the use of big data databases. "The need for the analysis of such a database is tied to several issues at the heart of the Bank of Israel's activities, and it has significance for achieving objectives for the benefit of the Israeli market."

The Bank of Israel said such a database could, for example, improve the "efficacy of the government's aid program during the coronavirus crisis, as well as with the influence of restrictions on the economy and various populations. Likewise, the Bank of Israel, in cooperation with the Justice Ministry, is leading an interministerial team focusing on issues of financial inclusion, so that additional populations will be able to have access to basic financial services and improve their financial situation.

"In addition, the database will allow for informed decision making on issues such as the use of cash and implementing advanced means of payment and communication," the Bank of Israel said.

The Justice Ministry has yet to comment on the report.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Bank of Israel demands customer data from banks, credit firms appeared first on www.israelhayom.com.

Documents detailing the cyber activity of a covert Revolutionary Guard unit and obtained by Sky News reveal the Islamic Republic's planned targets, with the unit focusing on targets in the US, Britain, and France in particular.

Follow Israel Hayom on Facebook and Twitter

According to a security official quoted in the Sky News report, the information laid out in the 57-pages of documents offers a glimpse into the activities of the Shahid Kaveh unit, including future plans to attack ships or destroy a gas station pump.

"They are creating a target bank to be used whenever they see fit," the anonymous source told the UK outlet.

The documents, comprising five reports marked as "very confidential," one dated Nov. 19, 2020, and another April 19 the same year, provide detailed information on satellite communications used by the international shipping industry and a computerized system used in smart buildings around the world, according to the Sky News report.

Interestingly, most of the pages contain the following quote from Ayatollah Ali Khamenei: "The Islamic Republic of Iran must become among the world's most powerful in the area of cyber."

Six pages in the report pertain to a system for tracking the flow of gasoline at gas stations, with particular focus on an American company by the name of Franklin Fueling Systems, which the report's authors note "support many customers in Europe, Africa, America, and the Middle East, and they can control and manage these systems." The report further notes an "explosion of these gas pumps is possible if these systems are hacked and controlled remotely."

The documents also detailed a kind of satellite technology used for maritime communication by the global shipping industry called the Seagull 5000i system.

Among the targets delineated in the report were the headquarters of US-headquartered multinational conglomerate Honeywell, German multinational conglomerate Siemens AG, and France-based Schneider Electric Global.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Documents reveal Iranian plans for cyberattacks on Western targets appeared first on www.israelhayom.com.

Iranian hackers reportedly broke into the computer system of clothing retailer H&M Israel and are threatening to release customer data, Israeli media reported on Sunday.

Follow Israel Hayom on Facebook and Twitter

An Iranian hacker group identified as "N3tw0rm" has warned that it could release 110 gigabytes of data belonging to H&M Israel unless its demands, which have not been publicly specified, are met.

Several other Israeli companies have recently been targeted in similar cyberattacks.

In December, Iranian hackers claimed to have carried out a cyberattack against Israel Aerospace Industries.

That cyber group, known as Pay2Key, published on its website a list of users of company Elta Systems as proof for breaching its system.

According to Kan 11 News, the attackers boasted about their alleged success on the dark web, coyly alluding to their ability to encroach any cyber defense.

Cyber researcher Jackie Eltal estimated that if the hackers gained access to users' information, they probably hold onto more sensitive information from Elta Systems' database, Kan reported.

This article was first published by i24NEWS.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Iranian hackers: We cracked computers of H&M fashion chain in Israel appeared first on www.israelhayom.com.

Iran began enriching uranium up to 60% purity Friday, its highest level ever, after an attack targeted its Natanz nuclear site, Parliament Speaker Mohamed Bagher Qalibaf told state TV.

Follow Israel Hayom on Facebook and Twitter 

The comment by Mohammad Bagher Qalibaf, quoted by state television, did not elaborate on the amount Iran planned to enrich. However, it is likely to raise tensions even as Iran negotiates with world powers in Vienna over a way to allow the U.S. back into the agreement and lift the crushing economic sanctions it faces.

The announcement also marks a significant escalation after the sabotage that damaged centrifuges, an attack this past weekend suspected of having been carried out by Israel. While Israel has yet to claim it, the country is widely suspected of having carried out the still-unexplained sabotage at Natanz, Iran's main enrichment site.

"The will of the Iranian nation is a miracle-maker and it will defuse any conspiracy," state television quoted Qalibaf as saying. He said the enrichment began just after midnight Friday.

The head of the Atomic Energy Organization of Iran, the country's civilian nuclear arm, later acknowledged the move to 60%, according to state TV. Ali Akbar Salehi said more details would be forthcoming and declined to further elaborate.

It wasn't clear why the first announcement came from Qalibaf, a hard-line former leader in the paramilitary Revolutionary Guard already named as a potential presidential candidate in Iran's upcoming June election.

While 60% is higher than any level Iran previously enriched uranium, it is still lower than weapons-grade levels of 90%.

Qalibaf announced on Twitter: "I am proud to announce that at 00:40 [Friday] … Iranian scientists were able to produce 60% enriched uranium."

On Wednesday, Iranian President Hassan Rouhani said Iran's move to enrich uranium up to 60% purity was a response to the sabotage at its key nuclear facility. Rouhani added that the Islamic Republic had no intention of building a nuclear weapon.

After an explosion at its Natanz uranium enrichment site on Sunday blamed by Tehran on archfoe Israel, Iran said it would begin enriching uranium at 60%, a move bringing the fissile material closer to levels suitable for a bomb.

It also said it would activate 1,000 advanced centrifuge machines at the site.

"Of course, the security and intelligence officials must give the final reports, but apparently it is the crime of the Zionists, and if the Zionists act against our nation, we will answer it," Rouhani said in a televised cabinet meeting.

"Our response to their malice is replacing the damaged centrifuges with more advanced ones and ramping up the enrichment to 60% at the Natanz facility."

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Iran has enriched uranium to 60%, parliament speaker reports appeared first on www.israelhayom.com.

Was the power failure at Iran's Natanz nuclear facility on Sunday morning an accident, or sabotage? Was it a cyberattack? Israel Hayom approached experts for their take on the as-yet unexplained incident.

Follow Israel Hayom on Facebook and Twitter

Arik Barbing, former head of the Shin Bet security agency's cyber department, explained that apparently, Sunday's incident was designed to create fear, and not expose any Israeli operational capabilities.

"Any facility the size of an active nuclear reactor is a very complex one that includes a lot of parts and requires a lot of support. There are large systems that ultimately, whether you want it or not, depend on external suppliers. Whether it's the high-tension electrical system, suppliers of air conditioners, or any other infrastructure, even control of the gates," Barbing says.

"A nuclear reactor is such a big building and system that it will never be a 'state within a state' and it will always have weak points. Now what is happening is that some administrative supplier is being attacked, and chaos ensures. It also sends the other side a message that says: We're here, we're with you, we know perfectly well what you're doing behind closed doors. It has a huge psychological effect,' Barbing continues.

Barbing said that a similar action could be carried out in Israel.

"Let's say that the Kirya [military headquarters] in Tel Aviv has a 14-story building, and all of a sudden I shut down air conditioners on the 4^th and 5^th floors. I'm not saying that anything like that has happened, but that it could, and the message to Israel will be clear.

"Similarly, I can get to the nuclear reactor at Nahal Sorek and bring down a high-tension wire that leads to it. The message to Israel will get through loud and clear," he explains.

When asked what strategy underlies acts like these, Barbing says, "These are 'soft blows,' like what happened with the ships. The Iranians haven't sunk any Israeli ship and Israel hasn't sunk any Iranian ship. Both sides are fighting at a low level of power, understanding the other side and preserving a balance that won't dictate a response.

"Therefore, I assume that there was no real damage to the Natanz reactor. But the 'coincidence' of the Iranian announcement about increasing its nuclear capabilities and this malfunction indicate that some entity was sending a quiet message warning them [the Iranians] not to cross a certain line. It's a strong message that essentially says, 'Right now I just shut off the electricity, but I can do a lot more.' It's a message that creates pressure and is well understood. The Iranians obviously know that they are vulnerable."

Barbing says that every action of this type entails a "certain risk."

"Because it's possible that it could expose a dangerous weapon that we are keeping for a real war. But world powers usually know how to deal a blow without their action being revealed, they do so through proxy groups on the dark web and in ways that keep them from being exposed to stronger capabilities. But every action like this carries a certain element of risk," he says.

Cyber expert Menny Barzilay, a member of the Yuval Ne'eman Workshop for Science, Technology, and Security at Tel Aviv University, thinks that a complex attack that targets a nuclear reactor rather than some other nearby facility was perpetrated to do more than cause a power outage. Barzilay says that either a more significant target was damaged, or the incident was caused by local saboteurs or was even a genuine error on the Iranians' part.

 Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

"First of all, the generator and electrical systems of a nuclear reactor are a very well-defended system, separate from the general electrics, so it's not as if you bring down all the electricity in an area and hurt the reactor, too," Barzilay says.

"Even if you cut of the electricity of an entire area, it won't make any difference to the reactor's activity because it has its own internal, independent systems. So if someone got to the reactor alone it's a more precise capability than just an attack. If it was a cyberattack on the reactor itself, it was done by someone who was on the premises and brought an attack tool into the system programs themselves, a tool that was dormant. Either that, or the malfunction was preprogrammed into the system hardware ahead of time.

"In other words, if it was an attack, it wasn't a remote cyberattacks, it was some entity inserted into the system or an attack tool that was implemented from close range that was capable of connecting to the smart generators of a facility like this and shutting down the entire electrical system," Barzilay observes.

Barzilay explains that the capabilities in play there would be so complicated that agents would have to be put in on the ground. "This isn't a tactic that you use to scare the Iranians, but one you use to cause real damage to the site. So if this was an attack, the Iranians aren't saying what was damaged, they're glossing over it. Because if this was just an electrical malfunction, I doubt that we're talking about an attack by a foreign actor because it entails the exposure extremely extensive and powerful capabilities, for no real purpose."

Nations don't carry out such high-precision "scare tactics," because doing so would burn "very unique" capabilities that they would rather keep secret, Barzilay adds.

Dr. Col. (res.) Ori Nissim Levy, an expert in nuclear defense and chairman of the nuclear forum WNF-193.com, explains that an electrical malfunction does not cause any damage to the facility, but discomfits the Iranians.

"Mainly, an electric outage forces the Iranians to turn everything off and start it again. So if it was a power outage, it's just a general threat, nothing bigger," he says.

Levy is of the opinion that the incident appears to be a step designed to "frighten, nothing more."

Either way, he says, a centrifuge creates a gram of nuclear material per year, so a facility that houses 10,000 centrifuges manufactures 10 kg. (22 pounds) of nuclear material per year.

"In effect, the Iranians have a lot more centrifuges, so we can assume that Natanz alone could make a bomb every two years – and of course, there are other facilities. At the moment, at least, it doesn't look as if whoever shut off the electricity wanted to damage the reactor, but just wanted to make them uncomfortable," Levy says.

The post A warning, an error, or something much bigger? appeared first on www.israelhayom.com.