National security experts have warned that a fight with Iran or its proxies might not start on the battlefield but rather with a bang and a growing din of ping, ping, pings, the siren call of computer malware.
After U.S. bombs and missiles crippled Iranian nuclear sites, cybersecurity analysts and U.S. federal officials are now warning of potential cyberwarfare, an invisible attack on America's computer networks that experts say will occur with certainty. The Department of Homeland Security has warned that pro-Iranian hacktivists will likely carry out "low-level cyberattacks" against U.S. computer systems, according to a bulletin. There might also be more sophisticated state-directed attacks, though those too would likely be sophisticated enough to avoid provoking a full-on American response.
Experts say that's the key; Iran would not likely want to start a war but seeking to send a message quietly, with plausible deniability, and effectively.
Loss of access to those targets would mean that "cyber is sort of the one thing to conduct operations on the U.S. homeland and not maybe evoke a redline response," says Adam Meyers of the cybersecurity firm CrowdStrike. In short, digital attacks allow Iran to nimble the United States without getting into a fistfight.
Iran is years beyond the days when it first became a focus of the world's attention in 2009 when a worm (known as Stuxnet) unleashed by U.S. and Israeli forces put a dent in Tehran's nuclear program. Since then, Iran has developed a potent cyber playbook. Iranian hackers, in 2012, disabled tens of thousands of computers. They were responsible for a crippling attack on the Sands Casino in 2014 after its owner expressed pro-Israel positions.
Recently, hackers tied to Iran have taken credit for hacks in Israel, including missile alert systems and document dumps. Some of them took to the internet this weekend to threaten to target critical infrastructure across the United States so far, more often than not.
Experts caution that cyber warfare is not just about damage but also about drama. If the media picks up a single faked or exaggerated incident, it can spread fear more effectively than viruses. "One powerful headline might be enough to take back to their domestic audience," writes John Hultquist of Google, summing it up.
It's an approach Iran has taken in the past. After the United States assassinated the Iranian General Qasem Soleimani in 2020, many braced for a rapid digital retaliation. It didn't arrive, at least not how it was supposed to. Instead, Iran doubled down on under-the-radar espionage. It's in their playbook now, that long-game strategy.
So even as the skies are silent, the internet may not be. Officials say Tehran's silence now doesn't necessarily indicate inaction; they're deliberate and are biding their time to decide when to strike.
The bottom line is that the Iranians may not come after us with lots of missiles, but that doesn't mean we should underestimate the power of a keystroke. In this age of the digital frontier, the following "front line" might as well be in our inboxes.
0 Comments