Iranian hackers tried to trick Israeli computers into raising the chlorine content in the country’s water supply to dangerous levels, the Financial Times reported on Sunday.
The report refers to the April 24 cyber attack on an Israeli pumping station, widely attributed to the regime in Tehran.
According to the Financial Times, Israeli and foreign intelligence officials were alerted at the time to a piece of Iranian-written code that purposely passed through servers in the United States and Europe to keep its origin hidden, before reaching the Israeli water-pump system.
One western official quoted in the report called the cyber attack “more sophisticated than [Israel] initially thought,” adding that it had been “close to successful.”
Had it succeeded, the official said, either tens of thousands of Israelis would have been left without water, or hundreds would have fallen ill from the excess chlorine.
Tehran denies the allegations, but holds Jerusalem responsible for the May 9 cyber attack on Iran’s Shahid Rajaee Port, one of two major shipping terminals in the coastal city of Bandar Abbas in the Strait of Hormuz.
U.S. and foreign security and intelligence officials told The Washington Post, which first broke the story, that the “highly accurate” cyber attack appeared to have been an Israeli retaliatory operation.
At an international conference on Friday, Israel National Cyber Directorate head Yigal Unna said, “There seem to be new rules for cyber warfare—it could be cyber versus cyber, or kinetic versus cyber—and everything will accrue to civilian-targeted warfare. We [countries] have to decide what constitutes critical infrastructure and pursue cyber risk management for nonessential state systems.”
Iran and Israel have been engaged in a covert cyber war for the past decade.
The Stuxnet worm, revealed in 2010 and widely assumed to be a joint Israel-U.S. creation, is believed to have caused serious damage to Iran’s nuclear program. Last September, a general in Iran’s Islamic Revolutionary Guard Corps said that the “Stuxnet cyber attack had had the positive effect of ‘causing us to pay attention’ to the cyber security of its nuclear installations.”