The second in a series of reports on the stand-off between South Africa and the United States over what to do with fuel left over from Pretoria's apartheid-era nuclear weapons programme. The report, from the Center for Public Integrity in Washington, was originally published by the Center and the Washington Post in March.
Pelindaba - To gain access to South Africa's main nuclear research center here, where nearly a quarter-ton of nuclear explosives are stored, approved visitors are supposed to be checked by fingerprint scanners at the three main entrances, installed as part of an American-financed security upgrade.
Unless, of course, the scanners are not working, in which case the guard may just wave a visitor through a vehicle entrance several steps away - as happened with a reporter, twice, during visits a few days apart to this remote, scrubland site last year.
Pelindaba, situated west of the capital of Pretoria, is considered a "national key point" by the South African government, a highly-sensitive facility that is a potential target for sabotage. It was once the center of South Africa's clandestine nuclear weapons program, which built 6 bombs and left behind a reservoir of weapons-usable fuel.
Whether that stockpile -- enough highly-enriched uranium (HEU) for more bombs like the one that devastated Hiroshima -- is adequately guarded from theft has been a recurrent source of friction between Washington and Pretoria, according to officials in both capitals.
A break-in at Pelindaba by two armed groups more than seven years ago convinced senior U.S. officials and some independent security experts that the vault holding the fuel lacks adequate counter-terror protections. As a result, Washington has been waging a quiet, but unsuccessful, diplomatic campaign to convince South Africa to relinquish the vault's HEU.
Government officials here depict the break-in as a routine burglary, and complain that Washington is needlessly obsessed about Pelindaba's security. The nuclear arsenals of the world's militaries pose far greater dangers than the highly-enriched uranium located here, senior South African diplomats say.
In two private letters, President Barack Obama has asked South African president Jacob Zuma to transform the South Africa's weapons-usable uranium into a more benign form with U.S. help. But Zuma has not accepted either suggestion, and current and former U.S. officials have said that they worry that the security upgrades made at Pelindaba are insufficient or poorly maintained - as suggested by the malfunctioning fingerprint scanner.
A confidential South African report, moreover, backs up the U.S. account of the gravity of the break-in and the risks of another assault, according to persons familiar with its contents.
The author of the report, who formerly worked for Kroll Inc., an international intelligence and investigations firm, concluded that the raid was a carefully planned operation, that it relied on inside help, that those involved had special training, and that it probably targeted the nuclear explosives, these sources say.
The 98-page document, which was written for the national utility that runs Pelindaba, pointed to suspects that were never arrested or questioned, they add. It has never been released -- or even acknowledged -- in South Africa, but was obtained by foreign intelligence agencies and described to the Center for Public Integrity by multiple sources.
Asked for comment about this story, Clayson Monyela, a spokesman for South Africa's foreign ministry said "we are aware that there has been a concerted campaign to undermine us by turning the reported burglary into a major risk. Attempts by anyone to manufacture rumours and conspiracy theories laced with innuendo are rejected with the contempt they deserve."
Seizing the security control center
Experts consider HEU the terrorists' nuclear explosive of choice. Physicists say a sizable nuclear blast could be readily achieved by slamming two shaped chunks of it together at high speed. Foreign experts say about 485 pounds of the HEU, initially packed inside South Africa's nuclear bombs, are stored in Pelindaba's vault now.
Although Pelindaba, located a half-hour's drive west of Pretoria, is named after Zulu words that mean "the discussion is finished," it has long been a magnet for controversy. Its nuclear scientists learned their craft working on a civilian reactor built there by the United States in the 1960s and fueled by U.S.-supplied. highly-enriched uranium at a time when Washington was less attentive to the associated risks.
Still the country's main nuclear research center, Pelindaba employs about 2,000 workers and consists of dozens of brown concrete research labs, production facilities, and narrow cooling towers, all flanked by grasslands and spreading acacia trees where monkeys, warthogs and other wildlife roam.
The structures are clustered on a series of hilltops, dotted with acacia trees and circled by a 6.8-mile-long, electrified fence. Tucked in the basement of one is a special vault originally built to hold silver intended for reactor fuel rods. After the apartheid government's six bombs were dismantled and their explosive cores melted down and cast into ingots, the vault was repurposed as their storage site.
According to the confidential South African report, the 2007 raid began shortly after midnight on a cold Thursday morning when four armed men sliced through the fence, peeled it back, and secured the flaps with locking plastic straps, and then one-by-one slowly crawled underneath. Around the same time, a second group of intruders breached another section of the fence about a mile away.
The spot chosen by the first group was at the edge of video coverage, close to a control box and at the nearest point to the vital Emergency Control Center. The second team's breach came when nearby cameras were pointed elsewhere.
The first of the raiders to get inside went straight to the electrical box, where he circumvented a magnetic anti-tampering mechanism, disabled the alarms, cut the communications cable, and shut down power to a portion of the fence and to alarms on a gate 250 feet away- opening a path for a vehicle to exit.
This was not simply a matter of pulling a switch, a source familiar with the report said, but required electrical skills and knowledge of the security systems. Those who participated, the report said, had special training.
Once inside, the gang walked three-quarters of a mile uphill toward the fire station next to the emergency center. Working swiftly, the assailants broke in, found a hidden latch securing a fire truck ladder, and used the ladder to climb to the Center's second-floor landing.
The raiders arrived, moreover, on a night when they may have expected little resistance. The Emergency Center supervisor scheduled to be on duty then used a wheelchair. But as it happened, he wanted to attend a party that night, and arranged for a colleague to take his place. She brought along her dog and her fiancé, Frans Antonie Gerber, an off-duty firefighter.
Security forces never directly confronted the raiders. But the dogs' barking - which led Gerber to spy the intruders and his girlfriend to pick up the phone and call for help just as they burst in -- thwarted the intrusion. Three intruders attacked Gerber, one with a pipe. Gerber resisted, and was shot in the chest, with the bullet narrowly missing his spine. (Gerber, who is still employed at Pelindaba, did not respond to interview requests.)
Frightened off by the fracas and the phone call, the first team of raiders fled. The second team did not go far before they left, prompting the investigator to speculate they had communicated with the first team.
Two guards who were supposed to monitor video cameras were fired; a manager was also suspended. But eight years later, no one has been charged with a crime and no suspects have been identified. One person was arrested: a Malawian man using a SIM card from a cellphone stolen during the raid. But police concluded he found it on the ground outside Pelindaba's fence, and he was simply deported.
The private investigator tracked down some of the cellphone records of calls made in the Pelindaba area the night of the raid, which in combination with interviews and polygraph tests led him to two South Africans he ultimately suspected of having participated, as well as several others who may have been accomplices.
But the suspects were never arrested or even questioned by police, according to two South African sources.
One major cellphone provider in the area, the MTN group, refused to turn over its records, despite a police subpoena. "MTN is obliged to respond to a subpoena that has been secured by a member of the South African Police Services and not a private investigator," said Graham de Vries, a spokesman for the company's chief corporate services office.
A South African expert who read the report said he concluded that the raiders most likely targeted the nuclear explosives, perhaps to sell them on the black market, where they could have fetched millions of dollars. He based his conclusion, he said, on the expertise the raid required, the risk the raiders faced, and the difficulty of planning simultaneous assaults by two different teams.
Having the run of the place
William H. Tobey, the deputy administrator of the U.S. National Nuclear Security Administration at the time of the break-in, is among many current and former U.S. officials that share these concerns. While he remains uncertain of the raiders' objectives, he mentioned the groups' ability to use the hidden ladder latch as a reason he became "convinced ... there was insider participation."
Rather than face the implications of the assault, Tobey said, South African officials are in denial about it.
Whatever the raider's intent, a former U.S. intelligence official said on condition he not be named, they "had the run of the place. The more we learned, the more horrifying it was ... . They could have gotten the stuff" if they had been more determined to do so.
Matthew Bunn, a Clinton White House science official who also advised the Bush administration on nuclear security matters, called the South African government's view that the raiders were common criminals "utterly nonsensical."
"Nobody breaks through a 10,000-volt security fence to steal someone's cellphone," he said. "The obvious question is, What else at the site justifies having two well-trained, knowledgeable teams at the site at the same time? The assumption ... to be disproved is that they were ... after the highly-enriched uranium."
South African Police Service officials didn't respond to repeated requests for comment. Ronnie Kasrils, South Africa's minister of intelligence services at the time of the raid, said in a brief email that he had ordered a thorough investigation and that "from reports it did indeed appear to be a routine burglary." Siyabonga Cwele, his successor in 2009, declined to be interviewed.
South African opposition parties have demanded a more concerted inquiry, but the ruling African National Congress has brushed the issue aside. Then-Defense Minister Mosiuoa Lekota told lawmakers in 2008 that the break-in was "a clear criminal act" and a matter for police to pursue.
Bismark Tyobeka, a U.S.-trained engineer who is now chief executive of South Africa's National Nuclear Regulator, said he believes the chances of a repeat of the 2007 assault on Pelindaba are "very low" but expressed concern about the lack of progress in answering questions raised by the incident.
"If it happened to my installation I would be bugging the state or the police to want to know what is happening," he said. "It leaves everybody worried because to date none of the perpetrators has been apprehended."
"Either the perpetrators were very sophisticated in the operation, or the investigations have not been very effective," Tyobeka said. "We hope very shortly that the perpetrators will be brought to book, we will have closure on this, because as a regulator we can never rest until we know what exactly happened there so that it does not happen again."
Asked if he planned to pressure the police and Pelindaba's managers to close the case, Tyobeka said that not his responsibility. "I say we would not really be interested to be chasing the case with the SAPS," he said, referring to the South African Police Service.
Washington insists on security upgrades
After the raid, the Bush administration offered to help tighten security at Pelindaba, but the Pretoria government refused, according to officials and documents. South Africans chose instead to seek a special IAEA review of the site, and in January 2008, an IAEA team issued a 74-word statement that a security upgrade plan set by the government a year before the raid provided an "appropriate basis" for protecting the site.
The statement -- which under IAEA rules had to be cleared by the South African government -- said further there was "no evidence that sensitive nuclear areas were under any threat at any time" during the raid.
For many South African officials, the report was vindication. Abdul Minty, who at the time served as South Africa's representative on the IAEA board, said he asked his American colleagues, "Don't you trust the IAEA? This is the organization you created. They come here, they inspect, they report, the stuff is under 24-hour surveillance, it's in a vault. What's your problem?"
U.S. experts say instead that the report illustrates the challenge of ensuring sound security practices are used at nuclear explosive storage sites when no international standards exist and no country is obligated to report details about its handling of specific incidents to others.
Roger Johnston, a physicist who from 1992 until early this year led a team of Energy Department scientists studying nuclear security, calls this approach "security by obscurity."
Officials at the South African Nuclear Energy Corporation, which runs Pelindaba, were less sanguine than the ministry officials and sought help from U.S. government non-proliferation experts, according to a September 2009 State Department diplomatic cable.
The cable, released by Wikileaks, said Joseph Shayi, NECSA's top security manager, told the Americans he needed additional motion sensors as well as new video cameras, fencing and training for Pelindaba. Shayi declined a request for an interview.
But other South African officials said at the time that the upgrades weren't required, and worried that spending money on security would sap funds needed for other nuclear work, according to U.S. officials involved in the negotiations. The South Africans also raised charges of U.S. hypocrisy on nuclear security, pointing to the July 2012 break-in at the U.S. weapons-grade uranium storage site outside Knoxville, Tennessee, by an 82-year old nun and two other peace activists.
That break-in -- which prompted bruising internal security reviews and eventual upgrades -- did "affect our credibility" overseas as a secure guardian of nuclear explosives, Steven C. Erhart, the head of the U.S. nuclear weapons production office testified in May 2013 at the trial of those arrested.
In the end, Pretoria agreed to install the upgrades only after Washington offered to pay $8 million toward the cost and threatened to withhold fuel shipments for South Africa's U.S.-built research reactor, which profitably produces medical isotopes.
NECSA says it spent another $1.4 million to build a new perimeter fence designed with help from experts at Sandia National Laboratories in New Mexico, and to harden defenses at the site's Emergency Operations Center, which the 2007 raiders so easily commandeered.
But the government refused to buy security system software suggested by Washington, fearing that it might contain "trap doors" that could be exploited by the Americans. Two sources familiar with the security arrangements also say that the vault building still has no special guard force deployed full-time at its perimeter, unlike similar repositories in the United States.
American security concerns persist
Waldo Stumpf, a senior official in South Africa's nuclear programs under both the apartheid and democratic governments until 2001, said in an interview that due to various security upgrades made at the site, "there's no way" that unauthorized parties could get into the vault.
But Johnston, the former Energy Department security expert, said that "as far as I can tell nothing is impregnable."
The author of more than 115 technical papers and winner of numerous awards for his work, Johnston is best known for his study of seals, including the kind used by the IAEA to detect the diversion of nuclear explosives. After testing 850 seals over the last two decades, he and his team concluded that all of them could be defeated, meaning opened and resealed without leaving a trace -- some by one person working alone for two hours or less.
Johnston, who recently formed his own security consulting firm, emphasized that he has only read about and discussed the Pelindaba raid with colleagues. But in general, he said, anyone who says any vault couldn't be broken into "hasn't really thought through the security issues. Because, if they had, they would be sweating bullets."
The break-in at Pelindaba, he explained, was a "classic" failure of what's known as "layered" security, meaning that authorities felt complacent behind layers of guns, guards, alarms and fences.
"It's just not a business where you should ever be confident," Johnston said.
Some of Washington's enduring concerns are delineated in its recent counter-terrorism reports. South African nationals have acted as al Qaida financiers and facilitators, the State Department's 2012 report said, and a South African non-profit was suspected of funneling money to Bangladeshi militant groups. Informal cash transfer businesses, called hawalas, widely used by South Africa's large Muslim community, have likely transferred money to violent extremists in East Africa, it added.
Meanwhile, the country's security service has engaged in minimal cooperation with U.S. counter-terrorism officials, according to the 2013 annual report, the most recent published. "South Africa borders remain porous," and terrorist groups have exploited the holes to move throughout the continent, the report said. "Due to allegations of corruption, attrition, the lack of receipt of timely intelligence requests, and bureaucracy within multiple South African law enforcement entities, [counter-terrorism] challenges remain."
"The feeling in the White House was: Who is better at protecting this material? Us or them?" said Donald Gips, President Obama's ambassador to South Africa from 2009 to 2013. "If a real terrorist organization tried to break in there, they're going to get in." No matter how much security gear the South Africans added, Gips said it was his impression that "we were not going to be happy. No matter what country, we wanted that stuff out of everywhere, all over the world."
Gary Samore, who served as President Obama's principal advisor on nuclear terrorism until 2013, said government experts during his tenure regarded Pelindaba as one of the "most vulnerable" stockpiles of weapons uranium in the world. The 2007 assault on Pelindaba, Samore said, "was certainly one of the main reasons South Africa would be on that list, because that really freaked people out."
This piece comes from the Center for Public Integrity, a nonpartisan, nonprofit investigative news organization. To follow CPI's investigations into national security issues, go here or follow them on Twitter @publici. Birch reported from Washington and South Africa; Smith reported from Washington. Birch reported from Washington and South Africa. Smith reported from Washington.