Iran has limited capacity to retaliate in kind to an apparent cyber attack that infected computers at its sole nuclear power plant, analysts say, but some worry it could seek to hit back by other means.
Security experts say they believe the release of the Stuxnet computer worm may have been a state-backed attack on Iran's nuclear program, most likely originating in the United States or Israel. But they say the truth may never be known.
Little information is available on how much damage, if any, Iran's nuclear and wider infrastructure has suffered from Stuxnet -- and Tehran will probably never share the full details. Officials said on Sunday the worm had hit staff computers at the Bushehr nuclear power plant but had not affected major systems there.
Some analysts believe Iran may be suffering wider sabotage aimed at slowing down its nuclear ambitions, and point to unexplained technical problems that have cut the number of working centrifuges in its uranium enrichment program.
In the short term, intelligence experts believe Tehran's priority will be trying to identify the source of the attack and examining how the worm was uploaded onto its systems. "The Iranian internal security and counterintelligence departments will need to nail down the culprits first, then work out how to turn the tables," said Fred Burton, a former US counterintelligence expert who is now vice president of political risk consultancy Stratfor.
But finding reliable evidence identifying which country or group was responsible might well prove impossible, increasing the probability of a more unofficial and deniable reaction.
Some analysts suggest Iran might like to retaliate with a cyber attack against Israel or the West – although there are question marks over its capability to do so.
"I don't think we can expect much in the way of retaliatory cyber attacks," said regional analyst Jessica Ashooh. "The Iranians simply don't have the technical capacity to do anything similar to properly protected systems – as evidenced by the very hard time they are having controlling and quarantining this attack."
Nevertheless, experts say Iran has made improving its cyber espionage capability a priority – and will probably aim to grow these resources further in the years to come.
The risk, some worry, is that Iran might be tempted to either intensify its own nuclear program or target the West's own nuclear installations in return.
"How prepared are we all for this and could this set in motion a deadly game that catalyses a nuclear program no one intended to engage in?" said Mark Fitt, managing director of N49 Intelligence, a firm that advises businesses in the Middle East.
In terms of a more conventional response, Iran could potentially act through proxies such as Hezbollah in Lebanon and Hamas in Gaza, as well as insurgents in Iraq and Afghanistan.
"They can... use networks in Afghanistan and the Gulf to strike back using unconventional `stealth tactics' and asymmetric methods," said Fitt.
"It's by no means a one-off – I think we'll see much more of this," said Ian Bremmer, president of political risk consultancy Eurasia Group.
- Follow Ynetnews on Facebook