IRAN READYING HACKER ATTACKS ON U.S. INFRASTRUCTURE SAY SPECIALISTS
We haven't been too interested in protecting our national borders for about 50 years, why would we begin to protect our virtual borders? -W.E.
In 2009, Iran’s nuclear program was attacked by a cyberweapon called Stuxnet. Although there is no definitive evidence of Stuxnet’s origins, Iran has blamed the United States and Israel and has been girding for a conflict in cyberspace ever since.
“For the Iranian regime … the conclusion [drawn from Stuxnet] is clear: War with the West, at least on the cyberfront, has [already] been joined, and the Iranian regime is mobilizing,” states Mr. Berman.
The tensions between Iran and the West have taken other unconventional forms besides cyberwarfare.
Iran claimed this month that it has been able to copy sensitive technology from a U.S. drone that crashed over its territory. It has also accused the United States and Israel of killing several of its nuclear scientists.
The congressional testimony comes as the world waits for the next round of talks about Iran’s nuclear program — which Tehran insists is for peaceful purposes — next month in Iraq.
The United States and other member of the U.N. Security Council are pushing Iran to end its program of uranium enrichment. In exchange, trusted third countries would provide fuel for its civilian nuclear program. Enriched uranium can be used as fuel, but it can also quickly be further enriched and used in a nuclear weapon.
As negotiators prepare for the next round of talks, the tightening screw of international sanctions and the still-looming threat of an Israeli military strike against Iran’s nuclear sites have provoked angry threats from leading figures in the Revolutionary Guards.
Mr. Cilluffo points out that “Iran is not monolithic: command and control there is murky, even within the IRGC [Revolutionary Guards], let alone what is outsourced.”
He notes that the Lebanese-based militant Hezbollah movement — which the Iranians have frequently used as a terrorist proxy — has begun recruiting its own cybermilitia of skilled hackers.
“Iran has a long history of demonstrated readiness to ploy proxies for terrorist purposes,” Mr. Cilluffo’s testimony states.
“There is little, if any, reason to think that Iran would hesitate to engage proxies to conduct cyberstrikes against perceived adversaries.”
Those proxies could make it might be hard to prove that Iran was behind the attacks.
Mr. Berman’s testimony notes that an extremist newspaper affiliated with the Revolutionary Guards last year warned the United States to “worry about ‘an unknown player somewhere in the world’ attacking a section of [U.S.] critical infrastructure.”
In 2009 and 2010, a hacker group calling itself the Iranian Cyber Army attacked Twitter and the Chinese search engine Baidu, as well as Iranian websites belonging to the opposition Green Movement.
“In the event of a conflict in the Persian Gulf” attacks like that on Twitter “could provide Iran an avenue for psychological operations directed against the U.S. public,” states Mr. Cilluffo.
Such operations would aim at sowing fear and confusion by attacking systems Americans rely on in their daily lives.
In a Persian Gulf military stand off, Iran might also combine computer-network attacks against U.S. military information and communications systems with more conventional jamming techniques “to degrade U.S. and allied radar systems, complicating both offensive and defensive operations,” Mr. Cilluffo adds.
Some parts of the federal government like U.S. Strategic Command and the State Department’s Nonpoliferation Bureau have begun to pay attention to the Iranian cyber threat, but no one in the administration is “tasked with comprehensively addressing the Iranian cyberwarfare threat,” Mr. Berman warns.
“The U.S. government, in other words, has not yet even begun to get ready for cyberwar with Iran,” he concludes.