Forget China: Iran’s Hackers Are America’s Newest Cyber Threat
In March 2012, Ayatollah Ali Khameini, the Supreme Leader of Iran, publicly announced the creation a new Supreme Council of Cyberspace to oversee the defense of the Islamic republic’s computer networks and develop news ways of infiltrating or attacking the computer networks of its enemies. Less than two years later, security experts and U.S. intelligence ...
In March 2012, Ayatollah Ali Khameini, the Supreme Leader of Iran, publicly announced the creation a new Supreme Council of Cyberspace to oversee the defense of the Islamic republic’s computer networks and develop news ways of infiltrating or attacking the computer networks of its enemies. Less than two years later, security experts and U.S. intelligence officials are alarmed by how quickly Iran has managed to develop its cyber warfare capabilities — and by how much it’s willing to use them.
For several years, Iran was believed to possess the ambition to launch disruptive attacks on Western, Israeli or Arab computer networks, but not necessarily the technological capability of actually doing so. Those doubts have largely evaporated. In late 2012, U.S. intelligence officials believe hackers in Iran launched a series of debilitating assaults on the Web sites of major U.S. banks. The hackers used a well-honed technique called a denial of service attack, in which massive amounts of traffic are directed at a site’s servers until they crash. But the traffic flow in the bank attack was orders of magnitude greater than anything U.S. security officials had seen up to that point, indicating a remarkable degree of technical sophistication.
Last year, U.S. officials say that Iranian hackers infiltrated a large unclassified computer network used by the Navy and Marine Corps. Officials now say it took the Navy four months to fully clear its systems and recover from the breach, which was first reported by the Wall Street Journal.
"Iran should be considered a first-tier cyber power," Gabi Siboni, a cyber security expert with Israel’s Institute for National Security Studies, said during a speech in Washington last December.
Western analysts see Iran’s embrace of cyber attacks as a strategic attempt to counter the conventional military forces of the United States and Iran’s regional rivals, particularly Saudi Arabia. Some analysts have blamed Iran for an attack on the computers of Saudi Aramco, the national energy company that supplies about 10 percent of the world’s oil. The attack erased data from 30,000 computers, but it didn’t affect oil and gas production and distribution facilities.
Analysts debate whether Iran should yet be included in the same league as the United States, Israel, or China, which each possess extensive capabilities to launch attacks on computer networks and the critical infrastructure connected to them, including electrical power facilities. But U.S. intelligence agencies now judge that Iran is well on the path to becoming a formidable cyber force. James Clapper, the U.S. director of national intelligence, recently warned that Iran’s "development of cyber espionage or attack capabilities might be used in an attempt to either provoke or destabilize the United States or its partners.
The heart of Iran’s national cyber efforts is the cyberspace council set up in 2012. It’s chaired by the Iranian president, Hasan Rouhani and its members include senior government officials, including the head of Iran’s elite Revolutionary Guard, which controls military units believed to conduct offensive cyber operations and electronic warfare, such as jamming communications systems. Iran was motivated to ramp up its cyber security efforts, particularly the defense of its internal networks and vital infrastructure facilities, after a cyber attack on an Iranian nuclear facility by the United States and Israel that disabled 1,000 centrifuges used to enrich uranium, a key component of a nuclear weapon. Iran’s defensive capabilities today are devoted to preventing another such attack, as well as monitoring and suppressing domestic political opponents who threaten the regime, Siboni wrote in a recent analysis of Iran’s capabilities.
The Revolutionary Guard now owns and controls the biggest communications company in Iran, Siboni said. The government restricts access to the public Internet and monitors computers in Internet cafes. A domestic police force, known as FETA is charged with monitoring online activity and speech, as well as combating fraud and theft.
But it’s the offensive side of the ledger that worries U.S. officials the most. In the past week, Iranian leaders have threatened to use cyber warfare against Tehran’s enemies. "One of the options on the table of the U.S. and its allies is a cyber war against Iran. But we are fully prepared to fight cyber warfare," said Gen. Mohammad Aqakishi, the commander of the information technology and communication department of the armed forces’ general staff, according to Iran’s Tasnim news agency.
"[Aqakishi] said the U.S. has been making ‘empty threats’ against Iran for several years, noting that Washington itself is mindful of the Islamic Republic’s military might in the arena of information technology and communication," Tasnim reported.
Last week, Khameini, Iran’s supreme leader, reportedly exhorted Iranian students, whom he called "cyber war agents," to prepare to fight Iran’s enemies in cyberspace. "Get yourselves ready for such war wholeheartedly," Khameini said.
"If any war is launched against Iran, we won’t give any ground to the enemy and they themselves know this very well," Iran’s military chief of staff, Gen. Hassan Firouzabadi, said last week, declaring that Iran was prepared for a "decisive battle" with the United States and Israel.
Such provocations haven’t gone unnoticed. And U.S. military officials have acknowledged that if the United States uses cyber weapons against Iran, Americans should expect some retaliation. "That’s a valid assumption," Gen. Martin Dempsey, the chairman of the Joint Chiefs of Staff, said in an interview in January 2013. "There are reports that destructive cyber tools have been used against Iran. I’m not-I’m neither confirming nor denying any-any part in that. What that should tell you is that that capability exists. And if it exists…whoever’s using those can’t assume that they’re the only smart people in the world."
A few days before Dempsey’s remarks, Gen. William Shelton, the commander of Air Force Space Command, warned that Iran was a growing offensive threat in cyberspace. "They’re going to be a force to be reckoned with, with the potential capabilities that they’ll develop over the years and the potential threat that they’ll represent to the United States," Shelton said. In other words, Chinese hackers aren’t the only ones Washington needs to worry about.