Iran and the Cyberwar

In 2020, tensions between the United States and Iran have exploded, leading many to fear war, and more specifically a cyberwar. Articles have come in quick succession with conflicting ideas about whether we should really be concerned about an Iranian cyberattack. The day after the airstrike that eliminated General Soleimani, the Department of Homeland Security Acting Secretary Wolf released a statement that they are “actively monitoring and preparing for any specific, credible threat, should one arise.” The bulletin released then states:

“Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”

What kind of response can we expect from Iran? Does Iran have the capabilities to mount an effective cyberattack?

These are the questions that I was considering, along with many of you I am sure. Kate O’Flaherty cites a former colonel in military intelligence, Philip Ingram MBE, saying that Iran will react more aggressively, and will likely attack on the physical plane. He additionally suspects that Iran is “more cyber vulnerable than capable.”

Jacqueline Schneider of the Hoover Institution published an op-ed in the New York Times with a similar claim. She states that the Iranian state has “no proven ability to create large-scale physical damage through cyber operations” and that any attacks that have been carried out have been “short-term, reversible and relatively limited in scope.” The most that Iran can do as an immediate response, she claims, is to slow down the American response to the crisis through small-scale cyberattacks targeting American operations online. The bigger threat will be long-term, targeting American domestic and foreign policy, through slow, insidious manipulation of our economic and social institutions.

Iranian attacks so far have consisted of attacks on city governments, oil and gas facilities, websites such as Twitter, and perhaps most prominently our banks and financial institutions. These attacks have all been resolved quickly, and seem to have caused no lasting damage.

While that may be the case, I wonder if we have all the information. Perhaps the most well-known cyberattack in modern history is Stuxnet, which targeted Iranian centrifuges for nuclear facilities and was revealed in 2010. Other cyberattacks have been aimed at Iran’s oil infrastructure, such as a secret attack in 2019 which destroyed data that helped Iran plot attacks against foreign oil tankers, and the malware Flame, found in 2012, which conducts cyber espionage and is suspected to be a part of Operation Olympic Games.

With all these attacks directed at Iran, I find myself wondering how much energy and money Iran might be putting into developing cyber capabilities. After Stuxnet, wouldn’t they have dedicated a considerable amount of resources to resolving this? The answer is most likely yes. Although their attacks are still viewed as mostly non-threatening, they are certainly more advanced than they were in 2009.

Furthermore, even if their attacks might not cause critical physical damage, our world runs on data and information. A cyberattack could still ruin lives and livelihoods. Lastly, just because Iran may not have the capabilities, that does not mean operatives cannot learn or be trained, especially by allies that have proven to be dangerous themselves.

As the United States continues to make enemies in the Middle East, these countries may find themselves growing closer to Russia and China, countries with considerable power and likely with greater cyber capabilities. Could Iran learn from these countries? Or perhaps, with all the code floating around, could Iran learn to harness our own attacks against us?

Perhaps they already have the abilities and are simply biding their time in secret. In the realm of cyberwarfare, it only takes one successful attack. The New York Times reported that Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, stated, “Iran has the capability and the tendency to launch destructive attacks. You need to get in the head space that the next breach could be your last.”
