The recent wave of Iranian cyber-attacks against officials in the Obama administration is part of the Islamic Republic’s broader asymmetric warfare campaign against the U.S., Benjamin Runkle, a former Defense Department official, wrote in a column published by the Christian Science Monitor on Wednesday.
Runkle disputed a commonly stated belief that Iran established its cyber-warfare operations as a reaction to the 2010 Stuxnet cyber-attack against its nuclear program, arguing that Iran’s efforts to develop such capabilities began much earlier:
Since the Iran-Iraq War, the Islamic Republic’s strategic culture has emphasized deniability through the use of surrogates. What’s more, it focuses on attacking soft targets to allow Iran to pursue strategic objectives beyond its conventional forces’ capabilities.
In 2005, the Revolutionary Guards sponsored the formation of the Iranian Cyber Army, a hacking collective responsible for the December 2009 hack of Twitter and January 2010 hack of China’s largest search engine. Other hacker groups linked to the Iranian military such as Ashiyane claimed credit for hacking thousands of websites in the US, Europe, and the Gulf states from 2008 to 2010 in response to perceived slights against Iran, and openly acknowledged their cooperation with Iran’s clerical regime.
Runkle acknowledged that Iran’s cyber-warfare activities may have accelerated after Stuxnet’s discovery, but stressed that Iran and other nations “began to develop and deploy cyberweapons” years before. He added that, as long Iran and other enemies of the U.S. attempt to challenge it, “they will seek to gain leverage through cyberwarfare in its various permutations.”
The latest string of cyber-attacks against administration officials came after a State Department warning in May that Iran’s cyber-warfare capabilities put American businesses at risk.
Because Iran ignores “international norms regarding the inviolability of embassies, prohibiting terrorism, outlawing foreign assassinations, and banning nuclear nonproliferation,” Runkle wrote, the U.S. should prepare for further and possibly more damaging cyber-attacks from Iran in the future. He called on the U.S. to harden its critical infrastructure against cyber-attacks and improve its defensive capabilities online, observing that “the recent renewal of Iranian hacking against US targets demonstrates that conciliatory efforts on our part are insufficient to change our rivals’ behavior in the digital realm.”
In Iran Has Built an Army of Cyber-Proxies, which was published in the August 2015 issue of The Tower Magazine, Jordan Brummer described how Iran used terrorist proxies to give it a measure of deniability about its cyber-warfare activities.
More importantly, Iran is sponsoring the cyber-capabilities of terrorist organizations in Lebanon, Yemen, and Syria. The first indication of this was from Hezbollah. The group’s cyber-activity came to the attention of the U.S. in early 2008, and it has only become more powerful in cyberspace since then. An attack that had “all the markings” of a campaign orchestrated by Hezbollah was carried out against Israeli businesses in 2012.
Lebanon’s neighbor, Syria, is home to the Syrian Electronic Army (SEA), which employs cyber-warfare in support of the Assad regime. There are rumors that indicate it is trained and financed by Iran. The SEA’s mission is to embarrass media organizations in the West that publicize the atrocities of the Assad regime, as well as track down and monitor the activities of Syrian rebels. It has been very successful at both. The SEA has attacked media outlets such as The Washington Post, the Chicago Tribune, the Financial Times, Forbes, and others. It has also hacked the software of companies like Dell, Microsoft, Ferrari, and even the humanitarian program UNICEF.
[Photo: Financial Times / YouTube ]