It has been reported that the US launched a cyber-attack on Iranian weapons systems on Thursday as President Trump pulled out of air strikes on the country. The cyber-attack disabled computer systems controlling rocket and missile launchers, and is reported to be in retaliation for the shooting down of a US drone as well as attacks on oil tankers that the US has blamed Iran for.
.@VP Mike Pence says he expects the president to announce additional sanctions on Iran tomorrow but couldn't say whether the US has conducted cyber operations for retaliation because “we never comment on covert operations.” pic.twitter.com/Jx3K9cyJ4M
— Face The Nation (@FaceTheNation) June 23, 2019
Experts Comments:
Sam Curry, Chief Security Officer at Cybereason:
The reason is simple: nothing can be definitively proven in cyber. Even if cyber activities produce kinetic effects, like disrupted pipelines, sabotaged uranium enrichment or interrupted communications. Both sides can claim victory regardless of outcomes and appear strong. Now we’re learning how cyber will get used in more hostile conflicts for the theatre of diplomacy.
Iran claims a firewall stopped 33 million attacks, which is a useless claim because real attacks aren’t stopped by firewalls. The US claims that the President stopped a retaliation because 150 lives would be at stake, which translates to either a “look at my big gun that I didn’t use” style of threat or realisation that shooting down a drone regardless of air space isn’t really an act of war.
Regardless of the rhetoric and duel of press releases, both the US and Iran are actually top cyber powers. The posturing over who did what in the Straights of Hormuz is really only a reflection of failures on other fronts and high tension. Rest assured conflict is happening, but nothing either nation has said at this point is pointing to anything new or significant happening in the cyber domain.”
Dave Weinstein, CSO at Claroty:
Phil Neray, VP of Industrial Cybersecurity at CyberX: