As tensions escalated between the US and Iran, the spectre of a major war appeared to be creeping ever closer. While neither side really wants a full-blown war, it’s unlikely we have seen the end of hostilities. Will the conflict take a different course, and will Iran conduct a cyberattack on the United States?
The nature of warfare and hostility have begun to shift away from the battlefield and into cyberspace. Increasingly, countries are using cyberattacks as a means to disrupt and undermine foreign powers’ military and strategic operations. Russia and China have invested heavily in this technology, alongside countries like the US, France and Israel. With the threat of reprisals coming to the fore following the killing of General Qassem Soleimani, Iran may use a covert form of technology to start a different frontier of warfare. If they choose to do so, how will it be conducted?
The Weapons of Cyberattacks
There are a variety of weapons which have been utilised in previous cyberattacks. These include botnets that can carry out distributed denial of service attacks (DDoS). These attacks cause widespread disruption to services and cause them to crash. If an attack were to be conducted on crucial infrastructure like healthcare facilities, the impact could be very severe. Such disruptions have occurred in the past as a result of malicious acts by various non-state actors, prompting the Office of Civil Rights to issue warnings.
Other methods include malware such as Flame and Stuxnet (more later) which often devastate internal systems before executing a ‘kill command’, leaving no trace of their origins. While malware is the focus of industry attention into action against hacking, it makes up only 7.5% of cyber attacks. Around 50% are carried out in so called reconnaissance attacks where a hacker makes a prolonged and targeted attack on a specific site. Whichever the method, the attacks can cause major disruption and have the potential to escalate matters into full scale war.
War or Proxy?
While no cyber wars are currently recognized as going on, the clarity around this is often problematic due to the nature of it needing to be clear and unambiguous. The sources of cyber attacks are not often clear. What we do know, however, is that governmental departments and organisations across the globe are under attack on a daily basis. These appear to be rarely carried out by Nation States themselves but by state-sponsored proxies instead. This makes it easy when, for example, the Russian backed group APT-28 launched an attack on a US military database, it claimed to be part of the ISIS Caliphate and the Russian government distanced themselves from the groups.
US-Iran Cyber Conflict
We know already that the Iranian government themselves have been the victims of a sophisticated cyber attack by a US and Israeli backed system known as Stuxnet. This involved the inadvertent uploading of a worm via an infected USB stick which impacted the operation of Iran’s nuclear power programme causing over 1000 machines to be destroyed in the process. This operation clearly underlines the efficacy of certain nation states to use cyber attacks to devastating consequences. Other similar attacks have followed more recently.
But what about an attack by Iran on the US? Commentators in the United States are already talking about a very real threat and aggressive tactics used. Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency declared, “Iran has the capability and tendency to launch destructive attacks.” Iran has history in launching cyberattacks against the US and the low level reprisals have already begun. News agencies across the US have been hacked, with pro Gen. Soleimani messages going up on their websites. In 2013, Iranian hackers were able to take down a number of major US banks for several minutes. This in itself was a wake up call for the US government, given the level of sophistication and organization that was involved in the attacks – an apparent reprisal for further economic sanctions.
Chances of a Cyberattack
With the power and might of the US military, not to mention the Iranian government stating the retaliation was ‘concluded’ following the missile attacks on US bases in Iraq – you’d be forgiven for thinking the Iranians would not seek to escalate the situation further. Cyberspace, however, is a far murkier place and the nature of an attack has the potential to be more dynamic and sustained than anything Iran could do with physical weaponry. The Cybersecurity and Infrastructure Security Agency (CISA) thinks an Iranian attack is a real possibility.
Accountability is also another factor to consider – the example of APT-28, not to mention the myriad of potentially state-sponsored Iranian hackers involved in previous attacks, may leave the US to assume an attack was committed by Iran without conclusive proof.
Whether a sophisticated cyberattack is carried out by Iran or not, from now on, the frontier of war is far more likely to be fought in the virtual world. Cybersecurity threats remain high whether from state actors, hacktivists, or hackers seeking criminal gains.
SANVADA™ LLC is a BBB and VOSB Certified high-tech cloud consulting business that delivers products and services to consumers and businesses alike. Our products and services include: proprietary software solutions such as VPN and VPS capabilities, cyber security, and AWS Workspaces for developers. We offer data migration and automation as well as proof-of-concepts (PoC), and prototyping software development. We are the first and last when it comes to monitoring your data for any vulnerabilities or viruses. To learn more, visit us here!