Sen. Chuck Schumer (D – N.Y.) said that an Iranian cyber-attack on a dam near New York City was a “shot across the bow” of the United States, which should be answered with harsher sanctions, the Associated Press reported on Friday.
“Now it looks clear that the Iranians did it,” Schumer said during an appearance on Long Island. “What were they doing? They were sending a shot across our bow. They were saying that we can damage, seriously damage, our critical infrastructure and put the lives and property of people at risk.”
The breach in the dam’s control system was first reported in December of last year, and Schumer indicated that there would a federal indictment in the case as early as April. The congressman added that the breach suggested that Iranian hackers possibly posed even greater threats. “Hackers can come in, as these Iranian hackers did, and hurt our critical infrastructure,” he observed. “What if they open the sluice gates of a dam with a whole lot of people behind it? What if they shut off the power for a large part of the area?”
At a State Department briefing last Thursday, Spokesman Mark Toner answered a question about the security breach:
[I] did talk to my colleagues over at Department of Justice, they said please refer any specifics – any questions about the specifics of this 2013 incident to them. I would say broadly that we obviously take all – seriously all such malicious activity in cyberspace. We’re going to continue to use all the tools at our disposal to deter, detect, counter, and mitigate that kind of activity.
According to the cyber-security firm Cylance, Iran has been responsible for continuing attacks on American infrastructure. “It’s the same M.O., the same targets, the same sourcing,” Cylance Vice President Jon Miller told Politico’s Morning Cybersecurity report. There “are definitely more attributable attacks, more than anyone has been able to report so far,” he added.
Miller also noted that it was important for the government to attribute the attack to Iran, explaining, “One of these had to get [attributed] to let Iranians know the U.S. government is aware and not too scared to say something about it.” Failure to act would mean “they’re just going to continue doing this unchecked,” he continued.
Iranian hacking attacks against American targets has not slowed since the beginning of the diplomatic outreach over Iran’s nuclear program or even since the nuclear deal was signed last year, Cylance says.
The Associated Press reported in December that Iranian hackers were targeting parts of America’s electrical infrastructure and stealing highly sensitive data, including “Mission Critical” power plant blueprints. Earlier that month, Benjamin Runkle, a former Defense Department official, warned that Iran’s cyber-attacks against U.S. government officials were part of a broader asymmetric warfare campaign against the country. The attacks prompted Congress to boost the military’s ability to counter cyber-security threats.
In October, the Wall Street Journal reported that a cyber-security company, Dell Secureworks, had identified a scheme where Iranian hackers had set up false LinkedIn accounts in order to learn sensitive information from the defense and telecommunications sectors. Reports surfaced in August that Iranian hackers were targeting political dissidents living abroad.
Earlier in 2015, The New York Times revealed that the U.S. had enlisted the help of its allies, including Britain and Israel, to confront the escalating Iranian cyber-attacks.
A report released in 2014 by Cylance highlighted Iran’s growing cyber-terror capabilities, including “bone-chilling evidence” that its hackers had taken control of gates and security systems at airports in South Korea, Saudi Arabia, and Pakistan.
Iran’s cyber-attacks are not just directed at other countries and individuals abroad, but also its own citizens. Massive attacks on Iranian Google accounts were detected prior to the presidential election two years ago as part of a broader crackdown on dissent.
[Photo: Senate Democrats / Flickr ]