The Begin Doctrine Revisited

By Daniela Richterova

On 7 June 1981, Iraq’s nuclear programme suffered a literal blow when its nuclear reactor in Osirak was levelled to the ground. Almost immediately after the operation, Israel admitted to orchestrating the attack to protect its citizens from a potential nuclear threat. Osirak was the first practical demonstration of what came to be known as the Begin Doctrine, named after Menachem Begin, the then Israeli Prime Minister, who ordered the 1981 attack. 

The Begin Doctrine is an Israeli policy to prevent the country’s adversaries from acquiring military nuclear capability. Since the early 1980s, this counter-proliferation policy has been a key component of Israel’s defence strategy. Thus, if the word on the street is true and Israel is one of the architects of the Stuxnet computer worm, which was designed to attack an Iranian nuclear site in 2009, then we are witnessing a major evolutionary change in the Doctrine’s implementation.

The world got a hint of this change when, in September 2007, Israeli fighter jets were sent off to strike a nuclear facility in North-West Syria. According to US intelligence, the facility was designed for military purposes and was being constructed with the assistance of North Korean experts. Immediately after the attack, both Israel and Syria were suspiciously quiet about the event. It was only several weeks later that the Israeli Defence Force (IDF) confirmed its signature under the operation - even though it still maintained censorship on the details of the air strike - and reiterated its commitment to enforcing the Begin Doctrine. This time, however, Israel gave a twenty-first century twist to its operation by orchestrating a cyber attack prior to and during the actual operation aimed at paralysing Syrian air defence mechanisms. By coordinating a cyber and a bombing assault, the Syrian radar system was effectively shut down and Israeli fighter jets were able to enter Syrian air space to execute their mission. Operation Orchard was one of the first examples of combining conventional military attacks with elements of cyber warfare (cyber attacks have also been said to have accompanied the 2008 Russian invasion of Georgia).   

Considering Israel’s history of enforcing the Begin Doctrine and the US keeping all options “on the table” in relation to ongoing Iranian nuclear aspirations, last year’s attack on Iran’s major enrichment centre in Natanz hardly came as a surprise. What did generate a worldwide wave of surprise, however, was the modus operandi. Instead of engaging fighter jets and top secret units to penetrate enemy lines, architects of this attack decided to strike Natanz’s operational system by using superb programming skills and a flash drive.

Last November, after almost a year of silence, the Iranian President, Mahmoud Ahmadinejad, finally admitted that a computer worm had incapacitated some centrifuges, thereby setting back the Iranian nuclear programme. Despite the fact that no one has yet claimed responsibility for the cyber attack, the US and Israel (possibly cooperating with experts from Germany and the UK) are widely considered to be the architects of what The New York Times called “the most sophisticated cyberweapon ever deployed”.

Technically speaking, Stuxnet is a type of malware, which targets computers running Siemens software used in industrial control systems and, once having infiltrated the control system, is capable of controlling it from anywhere around the world. The computer worm seems to have included two major components. The first one sent Iran’s nuclear centrifuges spinning wildly out of control. The second enabled the computer programme to secretly pre-record normal operations at the nuclear plant, which it would then play to the plant operators when the centrifuges were already spinning out of control and tearing themselves apart.

The US’s and Israel’s long-term determination to destroy Iranian nuclear aspirations, combined with their potential (both financial and technological) to orchestrate such an attack, makes it highly probable that these two states masterminded the Stuxnet attack. According to latest reports, Israel was even said to have used its secretly operated Dimona nuclear facility to test the worm’s effectiveness by spinning nuclear centrifuges virtually identical to Iran’s.

If these assumptions about Stuxnet’s origin and its destructive capability are indeed accurate, then we can assume that the Begin Doctrine is still one of the driving forces of Israeli defence policy and, more importantly, that it enjoys solid US support. Only now, Israel has much more sophisticated and effective means of implementing the Doctrine. These newer means have been characterised as a paradigm shift, due to their advantages over conventional attacks. They have several advantages. Attacks in cyberspace are a lot cheaper than if Israel and its partners were to opt for aconventional military operation. More importantly, cyber attacks can be orchestrated from anywhere in the world. The Jewish State no longer needs to work on persuading the US to allow the Israeli Air Force’s fighter jets to fly over Iraqi territory (Israel has so far been unsuccessful in doing so), or fly over its neighbours’ territory, risking either retaliation or another diplomatic fiasco. Cyber attacks also tend to avoid the loss of life or injury to civilians, as in the case of Stuxnet. And thanks to the so called “problem of attribution”, which makes the origin of cyber attacks very difficult to track down, Israel’s actions are less likely to instigate international uproar or result in prosecution.

There are, however, also imperfections and downsides to this new paradigm. Stuxnet did not manage to stop the Iranian nuclear project; it only set it back by destroying approximately one fifth of its centrifuges. Thus, it still remains unclear how long it may take until cyber attacks, unaccompanied by conventional force, will be sophisticated and precise enough to fully destroy their targets. More importantly,  Stuxnet might end up turning against its own creators if it gets into the wrong hands. According to an independent German computer expert, Ralph Langner, who was one of the first to decode Stuxnet, anyone who studies the computer worm closely enough can build a similar model.  Thus, North Korea or Iran, which are presumed to have access to sophisticated cyber capabilities, might sooner or later arrive at their own version of Stuxnet, which could be directed against their adversaries’ critical infrastructure.

Nevertheless, despite all its imperfections and shortfalls, Stuxnet is the first ever computer worm to have succeeded in causing physical harm to a nuclear facility and was smart enough to cover it up. As long as computer worms remain more successful than UN Security Council sanctions, and as long as countries governed by radical regimes continue to strive for nuclear weapons, then Israel, the US, or anyone else who is determined to fight nuclear proliferation would be foolish not to use Stuxnet-like technology as their main tool of combat. 


Daniela Richterova holds an MA in War Studies from King’s College London. She is currently conducting research on Afghan governance and cyber security challenges. Her main research interests include the history of the Arab-Israeli conflict as well as US and EU policy towards the Middle East.


16 May 2011


Related Article: 

Massimiliano Fiore, What Is Worse for Israel, Attacking or Not Attacking Iran's Nuclear Infrastructure?