Are Americans In Danger from a Possible Iranian Cyber-Offensive?
The Cybersecurity and Infrastructure Security Agency (CISA) issued a cryptic warning to Americans on January 6th regarding the “Potential for Iranian Cyber Response” to the U.S. military strike in Baghdad last week that claimed the life of Qassim Soleimani, major general of the Islamic Revolutionary Guard Corps.
In just the past few days, Iran has claimed responsibility for missile attacks aimed at multiple U.S. military targets in Iraq. One horrific byproduct of the Iranian aggression and confusion surrounding these events was the downing of Ukraine International Airlines flight PS752, which was scheduled to travel from Tehran to Kiev.
Despite the fact that Iran doesn’t possess intercontinental ballistic missiles capable of reaching the U.S. mainland and it isn’t thought to have a nuclear weapon, there are still many other avenues available to the Iranian regime to wreak havoc and exact revenge against the United States and other western countries. The most likely method is thought to be via a large-scale cyber offensive.
Iran has already shown a propensity for this type of disruptive activity: over the past decade it has demonstrated the ability to penetrate the systems associated with our critical infrastructure. This included the August/September 2013 attack in which an Iranian employed by a company performing work on behalf of the Iranian Revolutionary Guard Corps (IRGC) was able to access the supervisory control and data acquisition (SCADA) systems of the Bowman Dam in Rye, New York. This hacking incident allowed the actor to access information regarding the status and operation of the dam and possibly manipulate its day-to-day functions.
Additionally, almost five years ago, Iran was the culprit when over half of Turkey, an estimated 44 of 81 provinces which are home to over 40 million people, suffered a massive power outage that lasted for most of March 31st, 2015. The total blackout encompassed everything connected to the Turkish electrical grid, including computers, airports, traffic lights, hospitals, water and sewage systems and more.
More recently, according to IBM, the Iranian hacking group known as Advanced Persistent Threat 34 (APT34) has developed a new strain of malware, which is being aimed at the “industrial and energy sectors” in the Middle East. This malware, which has been named “ZeroCleare,” could easily be deployed against the U.S. as well. ZeroCleare has the ability to wipe the data from computers that are associated with critical infrastructure targets that use Windows as an operating system.
Another worrisome attack by Iran occurred against the United States Navy and was originally reported in September 2013. This attack can be viewed as a preview of possible wartime tactics should tensions between Iran and the United States escalate. At the time, U.S. officials told the Wall Street Journal that the Navy's largest unclassified computer network had been infiltrated by a group either "working directly for Iran's government [or] acting with the approval of Iranian leaders."
Months later, U.S. officials would disclose that the hack was far more extensive than initially thought and lasted far longer than had been initially disclosed. It reportedly took the Navy several months, or until November 2013, after initial news of the hack was made public in late September, to finally purge the Iranian hackers from the network.
The cybersphere in general has become an increasingly common theater of war and conflict over the past decade. This summer, reports surfaced that in response to Russian cyberaggression against the United States, the Trump administration authorized the hacking of Russia’s power grid. At the time, former National Security Advisor John Bolton stated his desire to widen the scope of possible targets the U.S. can strike via cyberwarfare.
Ironically enough, the attack that is generally accepted as the first instance of cyberwarfare in the modern era, 2010’s Stuxnet attack, victimized Iran and, according to NSA whistleblower Edward Snowden, was said to be initiated as a joint collaboration between the United States and Israel. According to reports, the attack ruined almost one-fifth of Iran’s nuclear centrifuges.
The next few weeks are sure to be tense as the world braces for what may come next as a result of the recent incidents between Iran and America. While the possibility of a conventional war between the two nations still seems unlikely, certain elements of warfare, especially cyberwarfare, are likely to materialize going both ways.
Julio Rivera is the Editorial Director for Reactionary Times and a Political Columnist and Commentator.