Iran has the capability to launch cyber attacks on very short notice, expert says
Iran’s Supreme Leader Ayatollah Ali Khemanei vowed “harsh retaliation” against Washington, in response to the assassination of top General Qassem Soleimani. Intelligence experts say cyber warfare could be a primary focus, given Tehran’s vastly improved capabilities.
The country has invested heavily in its development of cyber warfare, since the destructive “Stuxnet” malware crippled Iran’s nuclear capabilities back in 2010. That has drastically reduced its response times to attacks, putting it on the same level as the U.S., according to Tom Warrick, a Non-Resident Fellow at The Atlantic Council and former Deputy Assistant Secretary for Counterterrorism Policy at the Department of Homeland Security.
“It's quite possible, as we sit here right now that Iranian cyber attacks may be launched against American targets, whether they be banks oil companies, academic institutions,” said Warrick, speaking to Yahoo Finance’s On The Move. “It's certainly clear that Iran has the capability to launch attacks on very short notice from cyber.”
Warrick says that stands in stark contrast to the near three years it took for Iran to carry out a number of retaliatory attacks on control systems across the world back in 2010. Since Stuxnet, Iran has been suspected of unleashing the “Shamoon” virus that erased nearly three quarters of Saudi Aramco’s corporate PCs, halted the website of Qatari natural gas firm RasGas, and shut down servers and wiped hard drives at the Sands Casino in Las Vegas. US banks were also targeted between 2011 and 2012, causing major disruptions from Bank of America to Wells Fargo.
Jeff Bardin, Chief Intelligence Officer at Treadstone 71, a cyber intelligence consulting group says that initial wave of attacks only helped to hone Tehran’s cyber tools. In recent years, hackers have expanded beyond traditional phishing schemes into massive data theft and drone “jamming” or the use of a transmission blocking signal to halt communication to down unmanned vehicles.
“They’re using Russian military technical capabilities with automated jamming of drones and they've been doing that in the Gulf,” Bardin said. “I think a lot of things that [Iran] has, we haven't seen yet, we might not even be aware of their full capabilities. They've been holding back and building and developing.”
That could all add to the unpredictability of any cyber war with Iran. Former NSA and Marine Corps hacker David Kennedy, who founded TrustedSec said the Islamic Revolutionary Guard Corps (IRGC) is likely to approach cyber operations with “fewer restraints” than other American adversaries like Russia, North Korea, or China, leading to attacks that are both “aggressive and unpredictable - to the point of being reckless.” Adding to the threat, Tehran is likely to lean on its proxy forces, including Hezbollah and Hamas, to effectively launch a full scale attack, both on the cyber and kinetic front, according to Bardin.
Critical infrastructures like power grids and the financial system have long been seen as ripe targets for cyber warfare, but Bardin says Iran may look to the Russian playbook, to focus any offensive campaign on President Trump himself, conducting influence operations including meddling in the upcoming U.S. Presidential election.
“They are following the same model and have been following the same model as the Russians did to influence people's minds,” Bardin said. “They have a whole group under the Basij that does that. They train for that, they do this work, and they can pay them next to nothing to do this.”
The U.S. government has increased cyber capabilities dramatically over the years, with spending requests totaling just over $17 billion in the fiscal 2020 budget. Bardin says the Defense Department’s tools against any attack are unmatched, but the U.S. remains vulnerable in part because it doesn’t impose the kind of control Iran does over the internet.
Earlier this year, Iranian officials said the country had developed a firewall to protect against viruses like Stuxnet.
“The problem is, is we don't have a national firewall to protect every industry in the US, we're everywhere,” Bardin said. “Yes, we are more capable but ...We have a bigger attack surface”
Akiko Fujita is an anchor and reporter for Yahoo Finance. Follow her on Twitter @AkikoFujita
Follow Yahoo Finance on Twitter, Facebook, Instagram, Flipboard, LinkedIn, YouTube, and Reddit.