It has been reported that the US launched a cyber-attack on Iranian weapons systems on Thursday as President Trump pulled out of air strikes on the country. The cyber-attack disabled computer systems controlling rocket and missile launchers, and is reported to be in retaliation for the shooting down of a US drone as well as attacks on oil tankers that the US has blamed Iran for.
.@VP Mike Pence says he expects the president to announce additional sanctions on Iran tomorrow but couldn't say whether the US has conducted cyber operations for retaliation because “we never comment on covert operations.” pic.twitter.com/Jx3K9cyJ4M
— Face The Nation (@FaceTheNation) June 23, 2019
Experts Comments:
Sam Curry, Chief Security Officer at Cybereason:
“The Cyber Game of Nations continues this week with Iran and the US rattling cyber sabers at one another over the Straight of Hormuz. Historically, nations would threaten and claim petty victories in skirmishes in the kinetic world. However, now cyber is the domain of choice to make these war cries of angst and escalation.
The reason is simple: nothing can be definitively proven in cyber. Even if cyber activities produce kinetic effects, like disrupted pipelines, sabotaged uranium enrichment or interrupted communications. Both sides can claim victory regardless of outcomes and appear strong. Now we’re learning how cyber will get used in more hostile conflicts for the theatre of diplomacy.
Iran claims a firewall stopped 33 million attacks, which is a useless claim because real attacks aren’t stopped by firewalls. The US claims that the President stopped a retaliation because 150 lives would be at stake, which translates to either a “look at my big gun that I didn’t use” style of threat or realisation that shooting down a drone regardless of air space isn’t really an act of war.
Regardless of the rhetoric and duel of press releases, both the US and Iran are actually top cyber powers. The posturing over who did what in the Straights of Hormuz is really only a reflection of failures on other fronts and high tension. Rest assured conflict is happening, but nothing either nation has said at this point is pointing to anything new or significant happening in the cyber domain.”
Dave Weinstein, CSO at Claroty:
If the reporting is accurate, this is a great example of when and how cyber operations should be deployed in response to kinetic operations. It is both proportionate and limiting from a collateral damage perspective. Furthermore, it serves deterrence value because it demonstrates not only to Iran but to other adversarial observers that the U.S. is both capable and willing to project cyber force in a tailored fashion. It’s also noteworthy that the U.S. reportedly targeted what can be considered a strictly military target. As international norms of cyberspace evolve, it’s important to demarcate military from civilian targets, particularly as it relates to dual-use infrastructure. Finally, this operation illustrates the advantages of cyberspace as an attractive alternative military domain to sea, air, or land — especially for conducting retaliatory strikes.
Phil Neray, VP of Industrial Cybersecurity at CyberX:
“The digital strike against Iran is a great example of using #CyberCommand as a Special Ops force, clearly projecting US power by going deep behind enemy lines to knock out the adversary’s intelligence and command-and-control apparatus.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.