Security Experts:

Connect with us

Hi, what are you looking for?



Cyberattacks Possibly Involved in Explosions at Iranian Nuclear, Military Facilities

Recent fires and explosions at important Iranian facilities may have been caused deliberately as part of an operation that involved cyberattacks, according to reports.

Recent fires and explosions at important Iranian facilities may have been caused deliberately as part of an operation that involved cyberattacks, according to reports.

There have been several incidents at major Iranian industrial facilities in recent weeks, including a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, which is believed to be involved in the production of missiles.

Iranian officials blamed the Parchin explosion on a gas leak and in the case of Natanz they downplayed the incident claiming that it only impacted a warehouse that was under construction.

Explosions at Iranian nuclear and military facilities reportedly caused by cyberattacks

However, some believe the damage was more extensive than Tehran admitted and in the case of Natanz there also appears to have been an explosion. Experts told the Associated Press that the Natanz incident apparently impacted a production facility.

Natanz, one of Iran’s primary nuclear facilities, was targeted a decade ago with the Stuxnet malware as part of a campaign supposedly conducted by the United States and Israel.

According to some reports, a cyberattack allegedly launched by Israel may have been involved in the latest incident as well.

Kuwaiti newspaper Al-Jarida claimed to have learned from sources that the Natanz fire was the result of a cyberattack aimed at gas compression systems and a blast allegedly caused a crack in a reactor building. The same newspaper reported that the Parchin incident was also caused by a cyberattack.

Learn more about industrial threats at SecurityWeek’s 2020 ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

Iran’s Mizan news agency cited an Iranian military leader saying that the country would “respond” if a cyberattack was involved.

An apparent Iranian dissident group calling itself “Cheetahs of the Homeland” has taken credit for the attack on the facility at Natanz, but it did not provide additional details.

Israel revealed in April that industrial control systems (ICS) at some of its water facilities had been targeted by a sophisticated threat actor which, according to SecurityWeek’s sources, knew exactly how to attack ICS.

Iran was the main suspect in that attack, whose goal may have been to disrupt or poison Israel’s water supply. However, Israel said it had thwarted the attack before any damage was caused.

Related: Bitter Israel-Iran Rivalry Takes New Forms Online

Related: Nazar: Old Iran-Linked APT Operation Monitored by NSA

Related: U.S. Girds for Cyber Threats From Iran as Military Clash Fears Ebb

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.