Iran's 'forceful revenge' against the US is likely to include cyber warfare, and experts warn the attacks could be devastating

Advertisement
Iran's 'forceful revenge' against the US is likely to include cyber warfare, and experts warn the attacks could be devastating
In this picture released by the official website of the office of the Iranian supreme leader, Supreme Leader Ayatollah Ali Khamenei attends a meeting with thousands of students in Tehran, Iran, Sunday, Nov. 3, 2019. Khamenei said his country has outmaneuvered the United States in the four decades since the 1979 Islamic Revolution. (Office of the Iranian Supreme Leader via AP)

Associated Press

Advertisement

Iranian Supreme Leader Ayatollah Ali Khamenei.

  • Iran has promised "a forceful revenge" in response to the US-ordered drone strike that killed Iranian Quds Force head Qassem Soleimani on Friday.
  • Cybersecurity experts warn that Iran spent years establishing itself as an "intelligent cyber opponent" and is likely to leverage cyberattacks against the US.
  • Iran has previously been linked to cyberattacks against Turkey, Israel, the US, and the UK.
  • Cyberattacks could target internet infrastructure, online banks, or even the US power grid.
  • Visit Business Insider's homepage for more stories.

Iran's leaders vowed to exact "a forceful revenge" against the US Friday in response to an American drone strike that killed Iranian Quds Force head Qassem Soleimani.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

Now, cybersecurity and defense experts are bracing for a possible Iranian cyber-offensive that could target online infrastructure across the US military and private sector.

Experts told Business Insider that Iran has spent years building out its computer warfare capabilities. Since 2010, when Iran faced a cyber attack on its nuclear facilities, the country has focused heavily on beefing up its cyber defense operations.

Advertisement

"Iran is an intelligent cyber opponent with an army of people testing our systems every minute of every day. It is the ultimate game of cat and mouse," Sam Curry, chief security officer at Cybereason, told Business Insider.

However, the US has also focused heavily on building up its cyber defenses during that time, according to Kiersten Todt, former cybersecurity advisor to the Obama administration and managing director of the Cyber Readiness Institute.

"I absolutely think that they will look to attack our critical infrastructure on the homeland ... but our capabilities and our preparedness for that type of attack is strong and our military is extremely well-prepared for this," Todt told Business Insider.

Here's what we know about Iran's capacity for online warfare, and what a cyberattack could look like.

{{}}

Iran has focused heavily on building out its cyber warfare capabilities since 2010, when a cyberattack temporarily took down its nuclear facilities.

Iran has focused heavily on building out its cyber warfare capabilities since 2010, when a cyberattack temporarily took down its nuclear facilities.

In the years that followed, US military officials warned that Iran was emerging as a leader in cyber warfare.

"They are going to be a force to be reckoned with, with the potential capabilities that they will develop over the years and the potential threat that will represent to the United States," then-Air Force General William Shelton predicted in 2013.

Since then, Iran has been linked to sophisticated cyberattacks against Israel, Turkey, the US, and the UK.

Since then, Iran has been linked to sophisticated cyberattacks against Israel, Turkey, the US, and the UK.

US officials accused Iranian hackers of attacking American banks in 2012, but the Iranian government denied those accusations at the time.

Advertisement

Iranian hackers have proven capable of cyberattacks that brought entire countries to their knees — in 2015, Iranian hackers caused a massive power outage in Turkey that lasted more than 12 hours.

Iranian hackers have proven capable of cyberattacks that brought entire countries to their knees — in 2015, Iranian hackers caused a massive power outage in Turkey that lasted more than 12 hours.

According to experts, it's reasonable to expect that a similar attack on the US power grid is possible.

"Anything they have targeted in any country could potentially be fair game in any other country," Curry said.

Iranian cyber attacks are likely to target US critical infrastructure.

Iranian cyber attacks are likely to target US critical infrastructure.

"The attacks could be devastating," said William Mendez, director of cybersecurity firm CyZen. "Imagine if financial transactions could not be completed or if the Stock Exchange was not operational because of a cyber-attack. The Ripples could be felt globally."

Advertisement

However, the impact of the attacks will depend on US resiliency, or how quickly agencies can recover from cyber attacks.

However, the impact of the attacks will depend on US resiliency, or how quickly agencies can recover from cyber attacks.

"While this event is a surprise, our ability to prevent and protect has continued to grow and evolve with the threats," Todt said.

Experts emphasized that US defenses should focus not only on preventing attacks, but on rehabilitating infrastructure that suffers from attacks.

"There is often too little emphasis on facing the truth that intelligent, motivated, equipped opponents will eventually succeed and that requires planning to both minimize damage and to return to normal operations as rapidly as possible," Curry said. "This is far too often neglected."

It's difficult to predict exactly what a cyber attack from Iran would look like — but experts emphasize that Iran's cyber capabilities are well-documented.

It's difficult to predict exactly what a cyber attack from Iran would look like — but experts emphasize that Iran's cyber capabilities are well-documented.

"We're all waiting to see what the blow will look like," Curry said. "Because you don't know where or when they're going to strike, fear and uncertainty are already a weapon."

Todt said that, while the US drone strike that escalated the conflict with Iran was likely a surprise to many in the cybersecurity community, the US should nonetheless be prepared to mount a sufficient defense against Iranian cyber warfare.

"Our capabilities and our preparedness for that type of attack is strong and our military is extremely well-prepared for this," Todt said.

Advertisement