Cyberspace the new frontier in Iran’s war with foes

While the immediate threat of an Israeli military strike on its nuclear facilities has eased for now, Tehran's rulers are under increasing pressure from crippling sanctions, a collapsing currency and rising popular discontent.

With all sides apparently keen to avoid an outright conflict, deniable cyber attacks seemingly offer one of the easiest ways of fighting back without risking too much.

Definitive proof of responsibility in cyberspace, experts say, is often all but impossible. But government and private security officials say what evidence exists points to Iranian involvement in a rising tide of attacks in the last year.

Among the most serious were directed denial of service attacks that took down websites of several US banks including Citigroup and Bank of America as well as an assault on Saudi oil firm Aramco that destroyed some 30 000 computers.

What the attacks show, experts with knowledge of government intelligence say, is that Tehran is raising its game fast – although its capabilities remain well behind those of the United States, Israel, Britain other powers such as China and Russia.

The attacks, they say, have been increasing in both sophistication and intensity.

"We've known for a long time that the Iranians were working on these kind of techniques, but it is a surprise how fast they have advanced," said James Lewis, a former US foreign service officer, now senior fellow and cyber specialist at Washington DC's Centre for Strategic and International Studies.

"Neither side really wants a war because of the economic costs in particular. So this is what they do instead."

Speaking through local media, Iranian officials denied involvement in the bank hacking. But they say they themselves have come under mounting attack, with oil facilities, infrastructure and communications firms all suffering system failures they blamed on cyber attacks from other countries.

What Stuxnet unleashed, experts say, is the most sophisticated and perhaps dangerous cyber conflict yet seen.

While no government has ever taken responsibility for Stuxnet, it is widely assumed to have been a joint US-Israeli project designed to damage and destroy nuclear centrifuges.

"Stuxnet was effective, but it wasn't a knockout blow," says Ilan Berman, a former CIA and Pentagon consultant now vice president of the American Foreign Policy Council. "What it has done, however, is open a new front."

Tracking dissent, attacking enemies
The Islamic Republic's rulers first woke up to the dangers, and the potential, of cyberspace in 2009 when anti-government protesters used the internet to organise huge protests against presidential elections they said were rigged.

Since then, largely Shi'ite Iran has beefed up the ability of its Revolutionary Guards to monitor the web to track and intimidate potential dissidents. But it has also ploughed resources into hitting back at its enemies, not just the United States and Israel but Gulf monarchies such as Saudi Arabia and Qatar.

Some believe Tehran may also be providing technical support to long-term ally Bashar al-Assad in Syria, where cyber warfare has played a role in the worsening bloodshed.

Assad's own emails were hacked by the opposition, while experts suspect Syria or Iran may have been behind last week's apparent interference in regional broadcasts of BBC World.

"Cyber is the domain where the brunt of the confrontation will move to," says Dina Esfandiary, a research associate and Iran specialist at London's International Institute for Strategic Studies. "For Tehran, [it] is the 'safest' form of confrontation because of its secretive and deniable characteristics."

Exactly who is doing the hacking, however, is harder to say.

"A lot of these capabilities are fluid," said the American Foreign Policy Council's Berman, who has testified to congress on the issue.

"You have groups of hackers that may or may not be part of the Revolutionary Guards but clearly are encouraged by them. There is also the possibility that Iran is buying additional cyber capabilities, or even manpower, on the open market. We simply don't know."

In a major speech on cyber security last week, US Defense Secretary Leon Panetta described the attack on Aramco as the most destructive ever suffered by a private sector company – although he stopped short of explicitly blaming Tehran.

The thrust of his speech, however, was seen by analysts as an explicit warning that further attacks could bring consequences.

Secret, unending war
The very attractions of the silent war – deniability and use of arms-length proxies – may make it harder to control.

The rules in cyberspace, experts say, remain far from clear. Washington announced last year it reserved the right to retaliate militarily for any cyber attack that caused death or damage, but in reality most believe the technology has far outpaced the discussion on its use.

"States at the moment seem to have little self-restraint in cyber," said Alexander Klimburg, cyber security expert at the Austrian Institute for International Affairs. "This is very dangerous … The consequence may be that … we find ourselves with a redefinition of 'war' – one that is never declared, seldom visible but effectively constant."

What is increasingly clear is that cyber confrontation will be at the heart of many if not all international disputes and rivalries in the years to come.

Russia and China are believed to have ploughed billions into capabilities they believe may allow them to work around the conventional military dominance of the United States, allowing them to turn off essential systems and communications.

US officials already accuse China of hacking corporate and state secrets and stealing technology. Meanwhile, Beijing accuses Washington of supporting internet dissidents it fears want to bring down the communist government.

At worst, some fear cyber disputes could wreck international relationships and spark shooting wars – and not just in the Gulf.

"We have a situation where governments and their proxies are increasingly indulging in cyber attacks to damage rivals' interests," said John Bassett, a former senior official at British signals intelligence agency GCHQ and now senior fellow at London's Royal United Services Institute.

"There's a really serious lack of shared understanding and informal rules needed to regulate and limit these activities." – Reuters

PW Botha wagged his finger and banned us in 1988 but we stood firm. We built a reputation for fearless journalism, then, and now. Through these last 35 years, the Mail & Guardian has always been on the right side of history.

These days, we are on the trail of the merry band of corporates and politicians robbing South Africa of its own potential.

To help us ensure another 35 future years of fiercely independent journalism, please subscribe.


Soundtrack to a pandemic: Africa’s best coronavirus songs

Drawing on lessons from Ebola, African artists are using music to convey public health messaging. And they are doing it in style

In East Africa, the locusts are coming back for more

In February the devastating locust swarms were the biggest seen in East Africa for 70 years. Now they’re even bigger

Western Cape Judge Mushtak Parker faces second misconduct complaint

The Cape Bar Council says his conduct is ‘unbecoming the holding of judicial office’

‘My biggest fear was getting the virus and dying in...

South African Wuhan evacuee speaks about his nine-week ordeal

Press Releases

The online value of executive education in a Covid-19 world

Executive education courses further develop the skills of leaders in the workplace

Sisa Ntshona urges everyone to stay home, and consider travelling later

Sisa Ntshona has urged everyone to limit their movements in line with government’s request

SAB Zenzele’s special AGM postponed until further notice

An arrangement has been announced for shareholders and retailers to receive a 77.5% cash payout

20th Edition of the National Teaching Awards

Teachers are seldom recognised but they are indispensable to the country's education system

Awards affirm the vital work that teachers do

Government is committed to empowering South Africa’s teachers with skills, knowledge and techniques for a changing world

SAB Zenzele special AGM rescheduled to March 25 2020

New voting arrangements are being made to safeguard the health of shareholders

Dimension Data launches Saturday School in PE

The Gauteng Saturday School has produced a number of success stories