2020 started with the American airstrike that killed one of Iran’s most powerful Generals, namely Qasem Soleimani. This assassination caused the tension between the United States and Iran to soar. During the past week, we have witnessed some symbolic strikes that attacked US targets. Furthermore, analysts predict that Iran will plan more dangerous attacks such as harassing ships in the Gulf and attacking other American targets with the help of Iranian proxy forces. In this landscape, there is also a fear of cyber-attacks against US assets, as part of a wider cyberwarfare plan against US. While the dispute between Iran and the USA can be traced back to 1979, it’s the first time where cyber warfare is considered as a primary mechanism against an opponent. This is largely due to the significant role of cyberinfrastructures and services for modern societies.
Why Cyber Attacks are likely to happen?
There are several good reasons for which analysts predict that Iranian hackers will launch cyber-attacks against US assets and organizations. Specifically:
- Iran possesses some of the world’s top cyber troops, who are knowledgeable, capable and aggressive at the same time. Iranian cyberwarfare experts have a track record of notorious, successful and very disruptive attacks against large scale organizations such as banks, oil companies, and industrial plants.
- In recent years several notorious cyberattacks against US organizations have been carried out by innovative Iranian hackers. This is said to be the case for the attacks against the web sites of large US banks like JPMorgan Chase and Bank of America. Furthermore, attacks against US enterprises are considered to have taken place, such as the destructive malware against the Las Vegas Sands casino which took place following the suggestion of the owner of the casino that the US should drop nuclear bombs on Iran.
- Nowadays, cyber-attacks represent a cost-effective means for causing severe damage to critical infrastructures. Indeed, as critical infrastructures get digitally interconnected, cyberwarfare can affect their operation in ways equally catastrophic as conventional warfare. Moreover, it provides opportunities to cause damage from remote and without costly investments in conventional weapons and military systems. Apart from economic implications, successful cyberattacks have also a remarkable phycological effect on their targets, while affecting the general public which gets the feeling that Iraq has the means to attack America.
What kind of attacks to Expect?
Cyberwarfare provides a range of different ways of damaging an opponent. In this context, US could expect different types of attacks such as:
- Hijacking the operation of crucial machinery over the Internet. As already outlined, this is a consequence of the digitalization of industrial systems and applications, including control systems in industrial plants and other critical infrastructures.
- Target sensitive political or diplomatic targets through data breaches and data theft. Such attacks are said to have taken place during recent presidential campaigns through efforts to breach personal email accounts of government officials and journalists. Similar data breaches could be attempted against US diplomats or military targets all around the world.
- Intrusions against systems of US corporations worldwide. Security experts suspect that Iranian hackers have attacked the data records of high rank workers of US companies in industries like finance and energy. To this end, they have collected data about these targets via social networks like LinkedIn.
Cyber Defence Strategies
US institutions and organizations have no other option than preparing their defense. Some good practices include:
- Establishing systems for tracking and alleviating cyber security incidents. This is typically part of corporate and governmental investments in cyber-security systems and services.
- Investing in cyber-security training and education. Several attacks take advantage of users’ illiteracy on digital security issues. Proper education is certainly a means of alleviating them.
- Attracting and deploying the best talent in cyber defense. Knowledgeable security experts can provide the most effective responses and defense against malicious adversaries.
- Ensuring that cybersecurity research keeps up with developments in fields like Artificial Intelligence (AI). In the coming years, the rise of AI will unveil a host of new business opportunities for enterprises. Nevertheless, it will also open the doors to new types of attacks such as data poisoning and evasion attacks against the proliferating number of deep Neural Networks. Therefore, there is a need for evolving research that can alleviate these new types of attacks that could have catastrophic implications on people and businesses.
- Ensuring proper information sharing and collaboration between organizations. In a digitally interconnected world, effective cyber-security is all about collaboration between the interconnected organizations. Sharing security-related information is key for effective cyber threat intelligence. For example, information sharing can enable organizations to properly update their risk assessment processes given attacks or suspicious activities against interconnected institutions. This allows for early preparedness and proactive handling of incidents.
- Establishing integrated strategies and policies for both cyber and physical attacks. In a connected world, the boundaries between cyber and physical security are blurred. Thus, there is a need for integrated strategies that consider holistic cyber/physical defense strategies, rather than “siloed” security policies and teams.
It’s hard to predict what the Iranian response in cyberspace would look like, but it’s highly likely that cyberattacks against US targets will occur in the coming months. This brings cyber defense issues in the foreground and alerts US organizations about their preparedness to alleviate vulnerabilities and to anticipate attacks. It should also alert all countries and institutions that rely on advanced IT infrastructures. In the years to come, the digital revolution, including the digitization of industry should come with proper investments in cyber defense. In the coming months, we are likely to watch some prominent episodes in the global cyberwarfare.