U.S.-Iran Tensions Are High; 40 Years Of Conflict Suggest What Might Come Next After Iran shot down an American surveillance drone in June, tensions between the two countries have only gone up. But the US and Iran have been in some state of conflict for the last 40 years, since the Iranian revolution. This week, we look at three key moments in this conflict to better understand where it might go next.
NPR logo

Rules of Engagement

  • Download
  • <iframe src="https://www.npr.org/player/embed/742712613/753218595" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
Rules of Engagement


UNIDENTIFIED REPORTER #1: Decades of ideological divisions have often left Iran isolated on the world stage. Now frustrated and perceived as unpredictable, global hostilities are escalating.

UNIDENTIFIED REPORTER #2: Already difficult relationship between the U.S. and Iran has become even more tense.

UNIDENTIFIED REPORTER #3: U.S. President Donald Trump says Tehran, quote, "better be careful." But Iran has a warning of its own.

UNIDENTIFIED REPORTER #4: Just days after President Trump announced that he'd called off military strikes on Iran with only minutes to spare came a warning that Washington was not backing down.

UNIDENTIFIED REPORTER #5: Iran responded by breaching the limits placed on its nuclear activity.


JOHN BOLTON: Neither Iran nor any other hostile actor should mistake U.S. prudence for weakness.


You're listening to THROUGHLINE from NPR...


...Where we go back in time...

ABDELFATAH: ...To understand the present.

ARABLOUEI: Hey. I'm Ramtin Arablouei.

ABDELFATAH: I'm Rund Abdelfatah.

ARABLOUEI: And on this episode, 40 years of U.S.-Iran hostility.


ABDELFATAH: If you heard our episode last week, you know that the U.S. and Iran first became politically intertwined in 1953. That's the year the U.S. helped overthrow the democratic prime minister of Iran, Mohammad Mosaddegh. Now fast-forward 26 years to 1979.

ARABLOUEI: The secular Shah the U.S. put in place after the coup in 1953 was suddenly facing a major crisis...


ARABLOUEI: ...An Islamic revolution.


UNIDENTIFIED PROTESTERS: (Chanting in foreign language).


UNIDENTIFIED REPORTER #6: For the last seven days, Tehran and other cities have seen violent clashes between troops and demonstrators pelting the soldiers with rocks and homemade petrol bombs.

ARABLOUEI: Hundreds of thousands of protesters took to the streets.


UNIDENTIFIED REPORTER #6: Inevitably, the result is massacre.


ARABLOUEI: The Shah was forced to flee Iran. And a new leader, a Muslim cleric named Ayatollah Khomeini...


UNIDENTIFIED REPORTER #6: Ayatollah Khomeini...

ARABLOUEI: ...Took power


UNIDENTIFIED REPORTER #6: ...Returns to a country teetering on the brink of civil war.

UNIDENTIFIED REPORTER #7: The crowd chanted Allahu akbar, God is great - and raced along with the motorcade, trying to get a glimpse of the Ayatollah.

ARABLOUEI: And this began a new era in U.S.-Iran relations.


UNIDENTIFIED REPORTER #7: In an obvious reference to the United States, he said foreign advisers have ruined our culture and have taken our oil.

KARIM SADJADPOUR: And so in the course of months, Iran went from one of America's best allies to one of America's worst adversaries.

ABDELFATAH: Not long after the revolution, Iran did something that solidified its new place as an American adversary.


UNIDENTIFIED REPORTER #8: The American Embassy in Tehran is in the hands of Muslim students tonight. Spurred on by an anti-American speech by the Ayatollah Khomeini, they stormed the embassy, fought the Marine guards for three hours, overpowered them and took dozens of American hostages.

UNIDENTIFIED REPORTER #9: Some 60 Americans, including our fellow citizen whom you just saw bound and blindfolded, are now beginning their sixth day of captivity inside the U.S. Embassy in Tehran.

ARABLOUEI: The U.S. and Iran are still pretty much in that place - severed ties and sanctions. Over the past 40 years, this ongoing antagonism between the two countries has led to violent, even deadly results.

ABDELFATAH: In this episode, we're going to explore the direct military confrontations, the covert battles and the 21st-century cyberwar between them.


UNIDENTIFIED REPORTER #10: Iraq claims to have carried out more than 130 air raids yesterday and to have shot down two Iranian jets. Iraq's Saddam Hussein has been active in honoring his army field commanders, whose string of recent military triumphs tilted the war decisively in Baghdad's favor.

UNIDENTIFIED REPORTER #11: It was Saddam Hussein who declared - whoever climbs over our fence, we shall climb over his roof.


SADJADPOUR: The Iran-Iraq war was one of the bloodiest wars of the second half of the 20th century. When it was over after eight years, there was over a million casualties - Iranian and Iraqi casualties.


UNIDENTIFIED PERSON #1: Relations between Iran and Iraq worsened when the ayatollahs took over. The Iraqis claimed that the Iranians were refusing to implement border agreements, and the first skirmishes broke out.

MICHAEL EISENSTADT: Iraq invaded Iran on land. And they met with some initial success, especially in the southwest, which was the oil-producing region of Iran. But very quickly, the war effort bogged down. And by 1982, Iran had succeeded in expelling Iraqi forces out of Iran.

And it looked like momentum was working against Iraq in the long term. Iran has a much larger population, larger territorial base. So there were fears on the Iraqi side that eventually, if the war dragged on, they would lose. So they tried to escalate and expand the war to include economic warfare. So they targeted Iran's oil industry.

Iran responded in kind and started attacking ships in the Gulf that were going to pick up oil from other Arab countries that were allied to Iraq and providing financial and other help to Iraq as part of its war effort against Iran.

SADJADPOUR: For both countries, oil is the lifeblood of their economy. And so they're trying to sink one another's oil tankers to weaken one another economically.

EISENSTADT: So they attacked using aircraft, helicopters, fixed-wing aircraft. And they also attacked using small boats. The small boats very often would have machine guns, rocket-propelled grenades or small diameter rockets, 107 mm rockets.


EISENSTADT: So they would pull up in front of a ship going through the Gulf. They would set up in a line in front of the ship's line of movement. And as the ship passed them, they would open fire and rake the hull. And sometimes they would shoot at the bridge, where the crew was located.


UNIDENTIFIED PERSON #2: An oil tanker runs the gauntlet of air attacks in the Gulf War.


EISENSTADT: Now the ships, because they are very large tankers and were often double-hulled, the damage did not cause these ships to sink. And they were able to continue - you know? - with their mission. But it imposed costs. It was dangerous for the crews.

SADJADPOUR: And that area where Iran and Iraq were fighting, the Strait of Hormuz, is an incredibly crucial geo-economic chokehold.


UNIDENTIFIED PERSON #2: Once through the entrance, the Straits of Hormuz, the oil tankers face a problem regardless of their destination.

SADJADPOUR: On any given day, 20 to 40% of the world's oil passes through the Strait of Hormuz. And at its narrowest point, it's about 20 miles wide.


UNIDENTIFIED PERSON #2: What's happening is that the water on land between Iran and Iraq is spilling over into the sea, with Western tankers being the sitting targets for both sides.

SADJADPOUR: The world cared about what was happening with these tanker wars because it was affecting the price of gasoline throughout the world. It was absolutely crucial to the fate of the global economy.

EISENSTADT: In 1986, 1987, Iran intensified its attacks on Kuwaiti tankers in particular. Kuwait was playing an especially important role in the war. As a country that was providing support to Iraq - financial and otherwise - providing loans. They had been asking the United States about the idea of perhaps providing escort for their tankers so that they wouldn't be attacked.

And at first, we didn't respond with enthusiasm, so the Kuwaitis went to the Russians. And the Russians responded almost immediately that they'd be willing to do so. When we heard about that, our response was, well, we're potentially yielding the playing field in the Gulf to the Russians. And within the context of great power, competition during the Cold War, the relationship was seen as a zero-sum game. So...

SADJADPOUR: That's when the United States got itself involved.


UNIDENTIFIED PERSON #3: From ABC, this is "World News Tonight" with Peter Jennings.


PETER JENNINGS: Good evening. That was an American flag on the back of that ship. And we begin this evening in what is surely the world's most dangerous body of water, the Persian Gulf. Tonight...

SADJADPOUR: The United States actually put its own flag on Kuwaiti tankers as a way of kind of deterring Iran from continuing these attacks.

EISENSTADT: So we were kind of, in effect, protecting our own ships at sea.


UNIDENTIFIED PERSON #4: Zero, Lima, India - this is...


UNIDENTIFIED PERSON #4: ...Ship 37. I have you on my radar. Please remain more than 3,000...

EISENSTADT: We set up an arrangement whereby we would have a convoy system where we'd pick up Kuwaiti tankers outside the entrance to the Persian Gulf and escort them for about a day or two until they reached Kuwait, dropped them off. And then we would kind of go back and, you know, escort more ships coming in.


JENNINGS: And so the United States embarks on a Mideast mission which is haunted by one question - will the Iranians try to attack the Kuwaiti ships now that they are technically American?

SADJADPOUR: It wasn't commonly done. And in fact, it was very controversial. Members of Congress were openly questioning, why are we doing that? You know, why are we putting American flags on the vessels of other countries? You know, why are we kind of stretching ourselves so thin and potentially getting involved in a war between two countries, which are essentially both adversaries of the United States - Iran and Iraq?

EISENSTADT: The American assumption had been, going into this, that the presence of U.S. warships, protecting reflagged ships and the presence of a U.S. aircraft carrier in the region would deter the Iranians. We had no prior military experience with the Iranians. Except for the failed hostage rescue operation a number of years before, we had not had any sustained military interactions with the Iranians. And therefore, we were kind of like a blank slate. We didn't really know what to expect. And we made a lot of assumptions which turned out not to be correct when put up against the test of reality.


UNIDENTIFIED REPORTER #12: That took a new turn today when American warships shelled and destroyed two Iranian oil platforms and then raided another.

UNIDENTIFIED REPORTER #12: Smoke could be seen for 10 miles. But the message was meant for Tehran, 690 miles away.

EISENSTADT: We were engaged in a low-intensity conflict with Iran throughout this period, which occasionally spiked to involve direct military engagements.


UNIDENTIFIED REPORTER #12: It was in retaliation for the weekend missile attack by Iran on an American flag tanker.

UNIDENTIFIED REPORTER #13: Iran is believed to have fired the long-range missile which last Friday struck the American flag tanker Sea Isle City, wounding many of her crew. All...

SADJADPOUR: And increasingly, what you see is this conflict zone in which everyone has their finger on the trigger. You know, it's a fog of war. You're at sea. And there's constant risk of miscalculation. There's lack of communication.


UNIDENTIFIED REPORTER #13: The Islamic news agency said the U.S. has become involved in a full-fledged war with Iran. The Iranian president, Ali Khamenei, is quoted as saying, "we will retaliate."

EISENSTADT: The United States expanded its rules of engagement to allow U.S. vessels at sea to come to the aid of ships from other countries that were not part of the reflagging operation but are being attacked by the Iranians. So we're being more proactive in the Gulf in terms of our activities.

There was a newly arrived ship, the USS Vincennes, coming to the region. That was a new class of ship with a radar system that could see further out with greater resolution than the radar systems that were then used by the ships. Their role generally was to kind of hang back and provide big picture of the air defense environment for the other ships that were operating in the region.


UNIDENTIFIED PERSON #4: Combat, this is (unintelligible). Do you have any more (unintelligible) in the vicinity?

SADJADPOUR: So on July 3, 1988...

EISENSTADT: What happened on July 3 was a Pakistani tanker had come under attack. The Vincennes sent its helicopter to investigate. As it approached the area where the attack was occurring, Iranian ships fired warning shots at the helicopter for it to stay away. The helicopter thought they were under attack and reported it as such. The Vincennes then steamed to the aid of its helicopter, as well as to join the fight.

In doing so, they moved into Iranian territorial waters, which was a violation of U.S. rules of engagement.


EISENSTADT: At the same time while it's doing this and while it's pursuing the Iranian warships that were involved in the attack against the Pakistani tanker, an Iranian civilian aircraft takes off from the airport in the city of...

SADJADPOUR: Bandar Abbas.

EISENSTADT: ...Which is a airfield and a...

SADJADPOUR: ...Port city in the south of Iran.

EISENSTADT: ...En route to Dubai in the United Arab Emirates.

SADJADPOUR: And what would usually be a 30-minute flight, very easy.

EISENSTADT: And as it turns out, it was flying right over the area in which, you know, combat was going on on the surface.


EISENSTADT: It takes off. The crew of the Vincennes thought that this civilian jet was actually an Iranian fighter aircraft that was, at first, gaining altitude but then diving to attack.

SADJADPOUR: They mistook it for an Iranian military aircraft. And they were trying to communicate with it, but they were using military frequency to communicate with this Iranian plane. And they weren't getting any response because this Iranian plane was a civilian airliner, which wasn't on a military frequency.

So after numerous attempts of trying to communicate with it...

EISENSTADT: They shot two surface-to-air missiles...


UNIDENTIFIED PERSON #5: We had to have gotten it. That was a dead-on.

UNIDENTIFIED PERSON #6: Relax. Everybody relax.


EISENSTADT: ...Which brought down the Iranian airliner, killing 290 civilians aboard.


UNIDENTIFIED REPORTER #14: There has been a dramatic and sudden escalation of hostilities in the Persian Gulf involving U.S. forces. There is the possibility that U.S. Navy missiles may have accidentally shot down an Iranian civilian airliner, a civilian airliner carrying nearly 300 people.

SADJADPOUR: And so I think the fog of war coupled with both a miscalculation, itchy trigger fingers and inability to communicate, you know, resulted in this terrible tragedy.


UNIDENTIFIED REPORTER #14: Throughout the morning, there have been very confused reports as to what actually happened.

SADJADPOUR: To this day, the Iranian government believes there was no way this was an accident...


UNIDENTIFIED REPORTER #14: Saying that it was doubtful that the plane that was shot down was an F-14 fighter.

SADJADPOUR: ...Because the plane was going on clearly marked. Its flight pattern was clearly civilian aircraft headed to Dubai. There's probably dozens of such flights every day between Bandar Abbas and Dubai.

But what the U.S. side talks about is the broader context. You know, this U.S. warship was actually receiving fire from what they thought were Iranian warships. You know, there was constant attacks taking place during that time. And so the United States acknowledged it as a terrible mistake.


NICHOLAS BURNS: President Ronald Reagan offered what is known as ex gratia payments, voluntary payments by the United States government to the families of the victims of Iran Air 655. And this settlement today...

SADJADPOUR: For Iran, these things are not mistakes. Even if America claimed it was a mistake, the message that was taken by the Iranian side was that this was an act of open hostility.

EISENSTADT: One of the things you often hear today is that there is a great - there's always a worry about miscalculation in dealing with the Iranians, that there is always the potential for inadvertent escalation as a result of a tragic mistake. On the other hand, I would point out that one of the lessons of this conflict during the latter phases of the Iran-Iraq War is that, actually, both sides were pretty good at keeping the level of conflict within a certain kind of relatively narrow band, that neither side wanted the conflict to spiral out of control and become an even larger war. And they largely succeeded in that regard.

And that's something we should also keep in mind now when I think some of the discussions about the potential for full-blown war between the United States, Iran occurring - I think it's very clear that neither side want that kind of war.

SADJADPOUR: Several months later, Iran actually signed the peace treaty to end the Iran-Iraq War. So the shooting down of Flight 655 - Iran Air Flight 655 was a terrible tragedy in which civilians were killed. If you look back, though, at the history, it may have been that the Iran-Iraq War might have lasted longer had that terrible incident not taken place.


SADJADPOUR: I think one thing the United States realized by the late 1980s was that the Iranian revolution was not just going to be a flash-in-the-pan phenomenon - you know, that the revolutionary Islam and the Khomeinist ideology that was born out of the 1979 revolution was going to be an enduring concern.

And shortly thereafter, when the Soviet Union collapsed, I think Iran and the threat of radical Islam eclipsed communism as kind of challenge or threat No. 1 for the United States. And I think similarly, one of Iran's takeaways from the Iran-Iraq War and its interactions with the U.S. military is that, you know, the U.S. military's budget is more than 50 times that of Iran's. And so in a head-to-head conventional military matchup, Iran cannot compete with the United States.

How it can compete is using essentially asymmetric warfare - whether that's the use of proxies, whether that's the use of mines, you know, in some cases taking hostages, having plausible deniability. Iran needed to figure out low-cost, high-impact ways to challenge the United States. And it's really honed that ability over the last four decades.


ABDELFATAH: That was Karim Sadjadpour, a senior fellow at the Carnegie Endowment for International Peace, and Michael Eisenstadt, director of the Washington Institute's Military and Security Studies Program. Coming up, the story of the shadow war.


UNIDENTIFIED PERSON #8: I blame myself for what happened. I was a sergeant of the guard. I was ultimately responsible for the security of that BLT that morning. Zero six thirty on a Sunday morning - Beirut, Lebanon - everybody was asleep.


UNIDENTIFIED REPORTER #15: We have a bulletin from the Pentagon on the explosion in Beirut at the U.S. Marines barracks.


UNIDENTIFIED PERSON #8: Then I heard the rev of an engine behind me.


UNIDENTIFIED REPORTER #15: A truck loaded with explosives broke through a gate into the lobby of a building in Beirut occupied by Marines.


UNIDENTIFIED PERSON #8: I saw the truck come to a stop dead center of that lobby - dead silence in the lobby. You could hear a pin drop.

And then the next thing I saw was a bright orange flash.


UNIDENTIFIED REPORTER #16: A speeding pickup truck crashed through barriers and exploded in the lobby of the headquarters building where Marines were sleeping.


UNIDENTIFIED PERSON #8: The first thing I said was - son of a b****, he did it.


UNIDENTIFIED REPORTER #16: ...Causing the four-story structure to collapse, killing...


UNIDENTIFIED REPORTER #17: Chunks of concrete and spears of broken glass were hurled hundreds of yards, wounding other Marines. Some of those wounded helped pull their colleagues from the rubble.

UNIDENTIFIED PERSON #8: I remember looking over my shoulder. There was one Marine back here moaning, help me. Help me. God, help me. Somebody please help me.


UNIDENTIFIED REPORTER #18: The Pentagon now estimates that 120, possibly more, have been killed.

UNIDENTIFIED REPORTER #19: The list of survivors, dead and wounded is still being compiled.

UNIDENTIFIED REPORTER #18: Forty-five of the more critically wounded have been evacuated. Others remain to be evacuated later.

UNIDENTIFIED PERSON #9: It's been pretty - pretty hectic. We're trying to just sort things out and see what the total effect of this tragedy is going to be.

SADJADPOUR: So in 1983, a truck bombing destroys U.S. military Marine barracks in Beirut, which was, I think, the deadliest single-day attack on the U.S. Marines since Iwo Jima. Almost 250 Marines were killed.

It was unclear to people who was behind this attack because it was a truck bombing. And you know, now we've become accustomed to suicide bombings. We read about suicide bombings often in the news. But at that time, that was really a novel attack. It was, I think, widely assumed that Iran was responsible. But Iran shrewdly operated via proxy. They tried not to leave fingerprints. And you know, the attack was blamed on a group called Islamic Jihad, which is widely thought to be essentially the precursor to Lebanese Hezbollah.


UNIDENTIFIED PEOPLE: (Chanting) Hezbollah.

UNIDENTIFIED REPORTER #20: Hezbollah was created to fight Israel...

UNIDENTIFIED PEOPLE: (Foreign language spoken).

UNIDENTIFIED REPORTER #20: ...Whose army invaded an...

SADJADPOUR: The emergence of a group called Hezbollah, the Party of God, was essentially a byproduct of two momentous events. One was the 1979 Iranian revolution, and the other was the 1982 Israeli invasion of Lebanon. And so as a result of these two things, all of a sudden, the Shia community in Lebanon had an enormous, very wealthy external patron.


UNIDENTIFIED REPORTER #21: It is a secretive militant movement of the Shia sect of Islam, largely funded and armed by Iran.

UNIDENTIFIED PEOPLE: (Foreign language spoken).


SADJADPOUR: Iran, after the revolution, defined itself in opposition to the United States and in opposition to Israel. And so you started to see an emergence of Shia radicalism in Lebanon, which Iran was harnessing. And you know, Lebanon is a country in which America doesn't have enormous strategic assets. It's a very small country on the Mediterranean, but it doesn't have oil resources like Saudi Arabia. So the major reason for America's presence in Lebanon - to do peacekeeping and be there as a buffer for our key regional ally, which is Israel.


RONALD REAGAN: There are no words to properly express our outrage and I think the outrage of all Americans...

SADJADPOUR: After the bombings of the Marine barracks, I think it caused a real debate within the Reagan administration. Some wanted to pin the blame on Iran, and others said that there was no clear proof. And I think others also realized that if America were to blame Iran directly, then it would warrant action. You know, you - if you're going to blame Iran for a massive attack on the U.S. Marines, you can't just sit on your hands afterwards. You have to do something about it. And so I think for that reason, there was actually a reluctance within the Reagan administration to aggressively blame Iran because America didn't really want to fight that war.

And in hindsight, the historians who actually criticized the Reagan administration because they say by not responding to that massive attack by Iran against the U.S. Marines, they essentially emboldened Iran. Iran realized that, actually, suicide bombings can be quite effective; truck bombings can be quite effective. And eventually, it led to America's pullout from Lebanon.


REAGAN: Ambassadors Habib and Draper, who are presently in Beirut, will continue to press in negotiations for the earliest possible total withdrawal of all external forces.

SADJADPOUR: Because you know, Americans looking at their television set said - why are our sons and daughters dying in Beirut, Lebanon? What are we doing there? What are our interests? And so I think this is a tactic, which Iran has used quite effectively, essentially testing the resolve of the United States and, in some ways, conducting acts of radicalism and terror which will bring in the American public - and the American public, you know, calling for further restraint or a pullout from the Middle East.


UNIDENTIFIED PROTESTERS: (Chanting in foreign language).

GEORGE W BUSH: My fellow citizens, at this hour, American and coalition forces are in the early stages of military operations to disarm Iraq, to free its people and to defend the world from grave danger. On my orders...

SADJADPOUR: When the Iraq War was launched in 2003, one of the Bush administration's underlying goals for the Iraq War was to create Shiite democracy in Baghdad, which could then spread to Tehran and undermine the legitimacy of the Iranian regime. And so for that reason, Iran had every incentive to try to sabotage America's efforts in Iraq if they believed that the Iraq War was intended to eventually overthrow the Iranian government.

And so for that reason, from the beginning of the Iraq War, Iran was somewhat cautious the first year or so. But then you started to see Iran ramping up attacks on American troops, using their Shia militia proxies in Iraq.


UNIDENTIFIED PERSON #10: (Foreign language spoken).

UNIDENTIFIED PERSON #11: (Foreign language spoken).


SADJADPOUR: Iran has essentially tried to franchise the Hezbollah model. You know, I call it the McDonald-ization (ph) of Hezbollah, taking that - the Shia militia franchise in Lebanon and using it in other contexts, whether that's to help fight for your ally Bashar Assad in Syria, Iraqi Shia militias to fight against ISIS and project Iranian power in Iraq - and now in Yemen.


UNIDENTIFIED REPORTER #22: A second day of airstrikes inside Yemen by Saudi jets bombing Iranian-backed Houthi Shia militias, which have taken control of the country.

SADJADPOUR: And when we're talking about countries in the region which are experiencing either civil wars or power vacuums, Iran is able to fill those voids much more effectively with these Shia proxies on the ground.


UNIDENTIFIED REPORTER #22: The top U.S. commander for the Middle East worries about what could be Tehran's bid for superpower status.

SADJADPOUR: So I think a major asymmetric advantage that Iran has over both the United States and U.S. allies like Saudi Arabia, for example, is that almost all Shia radicals in the region - let's say from India to Lebanon - are willing to go out and kill, if not die, for the Islamic Republic of Iran, whereas almost all Sunni radicals in the Middle East are deathly opposed to the United States, and they want to actually overthrow the government of Saudi Arabia. You know, groups like al-Qaida and ISIS are Sunni radicals, which are not Saudi Arabia's proxy; they're actually Saudi Arabia's adversary. And so despite the fact that Shia are outnumbered by Sunni by 4- or 5-1 in the region, Iran has a monopoly over Shia radicalism. And increasingly, not only does Iran operate via proxy, but its proxies also have plausible deniability because they're not necessarily doing the fighting themselves. They're using IEDs. They're using drones. They're using mine. So it gives Iran two layers of deniability.


ABDELFATAH: Coming up, how one computer virus started a cyber arms race.


UNIDENTIFIED REPORTER #23: An Iranian facility has been targeted for cyberattack, the second time it's happened in less than a year.

UNIDENTIFIED REPORTER #24: Worst cyberattack in history.

UNIDENTIFIED REPORTER #25: The race between Iranian officials trying to build their nuclear program and the outside forces trying to stop it is getting more intense.

UNIDENTIFIED REPORTER #26: This new era of warfare has already begun.

KIM ZETTER: We have to go all the way back to around 1996. Mid-'90s is when the U.S. started to contemplate the development of offensive cyber capabilities. And right around that time, Iran obtained a batch of illicit uranium hexafluoride gas from China.

And so that's sort of what we can sort of trace the beginnings of the Iranian illicit nuclear program. They, of course, had been watching Iraq prior to that and seeing that Iraq was looking at nuclear capabilities and, of course, Iran and Iraq were longtime enemies. And so Iran's view was - if Iraq is looking at obtaining nuclear weapons capability, then we should also be engaging in that. As well.

So around 2000, Iran broke ground on the facility at Natanz. U.S. intelligence wasn't, you know, 100% positive about what that facility was going to be, but they were watching it.


ZETTER: So February 2003, the United Nations International Atomic Energy Agency, which is the agency that oversees - or monitors nuclear programs around the world, IAEA inspectors make their first visit to Natanz.


UNIDENTIFIED REPORTER #27: And now we return to Iran, where today U.N. inspectors visited a site used...

ZETTER: And they discover that Iran is actually much farther along in the program than anyone suspected. They already had a pilot plant set up at Natanz. They had some centrifuges there that they were beginning to assemble. They had said that they hadn't enriched any batch of uranium hexafluoride gas yet, but that turned out to be incorrect.


ZETTER: This first process of enriching that first batch was really the beginning step of having enough uranium hexafluoride gas to build a bomb. This is the initial step of getting them to that bomb. And there was a lot of panic at that point to halt the program until IAEA inspectors could obtain more information. So there was a lot of pressure put on Iran to stop everything.


UNIDENTIFIED REPORTER #28: The head of the United Nations nuclear watchdog, the IAEA, in talks with Iranian officials in Tehran.

ZETTER: And...


UNIDENTIFIED REPORTER #28: The breakthrough.

ZETTER: ...Iran surprisingly actually agreed - throughout 2003, 2004. And then something changed in 2005.


UNIDENTIFIED PERSON #12: (Speaking Farsi).


UNIDENTIFID PERSON #12: (Speaking Farsi).

ZETTER: Mahmoud Ahmadinejad was elected president of Iran. And shortly after that, Iran announced that it was done with the cessation agreement and it was no longer going to remain at this stasis position. And it was going to go forward with enriching its first batch of uranium hexafluoride gas.


ZETTER: And so you can imagine the panic in Israel when that happens.


ZETTER: Jump forward about six months - on January, February 2006 now. Iran announces that they have enriched their first batch of uranium hexafluoride gas in that pilot plant in Natanz. And then they announce that they had perfected the enrichment process and they were going to begin installing the first centrifuges in the actual enrichment plants. Israel, of course, was focused on trying to bomb the facility. They had come to the U.S. for permission from President Bush to launch a strike against the Natanz facility. And the U.S. denied that permission and instead had this alternative plan that they wanted to do.


ZETTER: So between February 2006 and February 2007, the U.S. is developing and testing Stuxnet.


ZETTER: Stuxnet was what we call a worm. Part of it was a virus; part of it was a worm. A worm is malware that will travel from machine to machine without any human interaction. So the initial release, of course, is done by human. But once a worm finds a vulnerable system, it will infect that system, and then it will search automatically for any other system connected to that system on an internal network or over the Internet and travel to that system and infect that as well.


ZETTER: So you've got this Natanz facility that has critical computers that are air gapped from the Internet, and also the facility itself is physically protected. They had...


UNIDENTIFIED PERSON #13: Three outer perimeter security walls.

ZETTER: Anti-aircraft guns.


UNIDENTIFIED PERSON #13: Earthen berms entirely hide the facility from view.

ZETTER: Around the facility they had fences, they had guards, armed guards - all of that. So the only way that you could get Stuxnet into where you need it to go was to have someone walk it in, deliver it, either wittingly or unwittingly. And we know that the first version of Stuxnet could only be spread via USB sticks. It's quite possible that the first version of Stuxnet, because it didn't have a lot of spreading capabilities in it, was spread by an inside mole. They probably had close access inside Natanz.

So 2007 - they unleashed that first version of Stuxnet. It was a partnership between the U.S. and Israel. Their aim wasn't to - it wasn't catastrophic damage; they didn't want to destroy all of the centrifuges. They wanted to simply stop Iran from obtaining enough enriched uranium gas to have a bomb. Iran had a limited supply of uranium hexafluoride gas that it had purchased from China, and they had a limited supply of materials that they could use to manufacture new centrifuges.

And so the goal with Stuxnet was to destroy some of the gas and some of the centrifuges in order to buy time for diplomacy and sanctions to catch up.


ZETTER: When Stuxnet first gets on to that S7 417 PLC, it doesn't cause it sabotage right away. It sits there for a period of time, recording the normal operation of those centrifuges and storing that information, and it just keeps storing and storing for days. And when the sabotage kicks in, it takes that information about the normal operations that it stored, and it now feeds that back to the monitoring stations.

So while the valves are closed and the pressure is increasing inside the centrifuges, the engineers at the monitoring stations are seeing that everything's normal. All the valves are open, pressure is normal, heat is normal - nothing is wrong. And so they wouldn't have seen the sabotage is happening.

What they would have seen, however, is they would have seen that they were losing gas. They would have seen, eventually, the end result is that the centrifuges start breaking down. But they wouldn't have known if the problem was the machinery itself - maybe the centrifuges were faulty, the equipment was faulty. That would have been their first focus.


ZETTER: And Stuxnet did one other thing - in addition to feeding that false information to the monitoring stations, Stuxnet froze the safety mechanism on the system. So these automated safety mechanisms were designed to detect if the pressure inside the centrifuges increases, if the heat increases, if they start spinning out of control. And if it sees that a system is getting out of a safe condition, it's supposed to automatically shut down those centrifuges to prevent them from being destroyed or ruined. But Stuxnet stopped the safety mechanism from working. So Iran was confused. They didn't know what was happening.


BUSH: Thank you. Tapper (ph). We have been through a lot together.

ZETTER: This is a covert operation, and a covert operation has to be authorized by the sitting president, and the sitting president was leaving. We had an election in 2008, and we see in the code that Stuxnet is designed to halt during this temporary phase of when we are losing the sitting president.

And in January 2009, Obama is coming into office, and he meets with President Bush. And during this period, Bush explains to him this covert operation, which we now know is called Olympic Games. And he explains what's happening and what it's designed to do and tells him that it's not - it hasn't achieved its full purpose yet and encourages Obama to reauthorize the Olympic Games program. And Obama does.

And we already see, in January, the attackers are getting prepared to unleash the second version of their assault. And throughout 2009, it's causing it sabotage. And we actually see signs of the sabotage externally, but we don't know what it is. The International Atomic Energy Agency is sending inspectors to the Natanz facility, on average, about twice a month, and they're sending back reports to their headquarters in Vienna. And those reports are saying that Iran is having problems with its centrifuges.

Those inspectors start noticing not just that Iran is having problems, but they're actually removing centrifuges now. So it's not just that they've stopped spinning centrifuges, that they've taken gas out of centrifuges; they're actually removing centrifuges from the cascades. And they're sending this back in the report, and that's the first sign that Iran has given up. They don't know what's going on. They're checking the equipment. They're checking everything, and yet Stuxnet continues to operate, and it continues to engage in sabotage.

And it's not until June 2010 - Stuxnet is unleashed in another round in March and April of 2010, and the March version is what got it caught. The March version had multiple spreading mechanisms attached to it, including that worm, and it spread wildly out of control.


ZETTER: It started spreading to machines that weren't the targeted machines - spreading to any Windows machine that it can find, initially just in Iran. And it started causing problems on machines in Iran outside of Natanz.

Someone in Iran who had systems that were - kept crashing and rebooting and crashing and rebooting. And they couldn't figure out what was going on, so they contacted the maker of their antivirus software, a company in Belarus called VirusBlokAda. And VirusBlokAda obtained remote access to some of those systems in Iran that were having problems. And they discovered some suspicious code that they believe was causing the machines to reboot - crash and reboot.

And so they found this code, and they started taking it apart. They immediately discovered that it was malware and that it was designed to spread to any Windows machine. So they contacted Microsoft - because it was using a vulnerability in the Windows software - they contacted Microsoft to have that vulnerability patched. And then they had other files that were dropped onto the machine when it was infected, but those files were encrypted. And they couldn't decrypt them. And they didn't have a lot of experience taking malware apart, so they made those files available to the rest of the security community.

And that's when a company called Symantec stepped in and started reverse-engineering that code. They were able to decrypt it, and they knew that it was designed for sabotage. Until then, everyone had assumed that this was spyware, that this was conducting espionage.


UNIDENTIFIED REPORTER #29: Experts say Stuxnet is an exceptionally sophisticated computer worm that attacks the software used to control automated systems. It's now been found in...

ZETTER: So if you can imagine from November 2007 all the way to November 2010, Stuxnet continued to operate unimpeded.

Mahmoud Ahmadinejad blamed the Israelis and the U.S., but Iran didn't do what we expected them to do. They didn't go to the United Nations and complain. And they didn't retaliate, which they would have been in position to do legally.

International law sort of limits what a nation can do when it's under a digital attack like that. It says that you can take action to halt an attack that's current but that any sort of retaliation that you do has to be proportional to the attack itself. And so Iran was pretty limited. And also, going to the United Nations, Iran is not very powerful in the United Nations. So it knew that it wasn't going to get the support or backing that it needed to punish the U.S. or Israel.


UNIDENTIFIED REPORTER #30: They've never seen anything like it - a massive onslaught of cyberattacks on America's biggest banks - slowing down their websites, even forcing some to shut down temporarily, costing them money.

ZETTER: Stuxnet was proof of concept for any nation to see that digital capabilities like this are a viable alternative. And so what that has done is it's opened up this new kind of warfare, where it's lowered the bar of the actors who can engage in it.


UNIDENTIFIED REPORTER #30: Senator Joe Lieberman, then-chairman of the Homeland Security committee, said, I think this was done by Iran. It's likely retaliation for previous cyberattacks on Iran and for other things.

ZETTER: When you drop a conventional weapon, your victim can't pick up those pieces of the weapon and reconstitute it and send it back at you. The difference with a digital weapon is when you're launching a digital weapon, it's fully contained. And all the code is there. And so you're sending the blueprint for the weapon to your victim. And all the victim has to do is reverse-engineer that weapon in the way that Symantec reverse-engineered it and study it and design it in a way that they can send it back to you. And so what we did was we threw stones from a glass house.

In the U.S., we've always had this advantage of geography. We have this distance from our adversaries. But digital warfare erases races that distance. Now the front line is on businesses and critical infrastructure here. It's brought the war home.


ABDELFATAH: That was Kim Zetter. She's a writer for WIRED Magazine and author of the book "Countdown To Zero Day: Stuxnet And The Launch Of The World's First Digital Weapon."


ARABLOUEI: That's it for this week's show. I'm Ramtin Arablouei.

ABDELFATAH: I'm Rund Abdelfatah. And you've been listening to THROUGHLINE from NPR.

ARABLOUEI: This show was produced by me.

ABDELFATAH: And me. And...





ABDELFATAH: (Laughter) OK. Smizing and somber - N'Jeri Eaton.

ABDELFATAH: Original music was produced for this episode by Ramtin and his band, Drop Electric.

ARABLOUEI: Thanks also to Ayda Pourasad.

ABDELFATAH: And Anya Grundmann.

If you like something you heard or you have an idea, please write us at throughline@npr.org. Or hit us up on Twitter @throughlinenpr.

ARABLOUEI: Thanks for listening.


Copyright © 2019 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.