Iran Stretches Its Offensive Cyber Muscles
The flags of bitter enemies: Iran left, Saudi Arabia right
Wikimedia Commons
Sometime in the middle of this last November, someone, almost certainly the Islamic Republic of Iran, conducted destructive cyber attacks on key, vital computer systems of the Kingdom of Saudi Arabia. The blowback is likely to be considerable and is also likely to be a considerable headache for the incoming Trump administration. Indeed, the potential for a military confrontation involving the United States should Iran and the Saudis come to blows is not at all negligible.
What Has Happened
Yesterday we were informed by a Bloomberg website post that
State-sponsored hackers have conducted a series of destructive attacks on Saudi Arabia over the last two weeks, erasing data and wreaking havoc in the computer banks of the agency running the country’s airports and hitting five additional targets, according to two people familiar with an investigation into the breach.
Saudi Arabia said after inquiries from Bloomberg News that “several” government agencies were targeted in attacks that came from outside the kingdom, according to state media. No further details were provided.
Apparently the malware involved was the same as what was used in an Iranian attack on Saudi Aramco in 2012. Called Shamoon, the virus overwrites system files, causing the infected computer systems to become totally inoperable and not rebootable. Before creating this nuclear destruction of the system, the virus spreads to other interconnected computers to spread the destruction, in the words of the Bloomberg report, “like the digital version of a wildfire.”
Luckily for air travelers over Saudi Arabia, these cyber-bombs detonated only in the office administration systems of the Saudi’s General Authority of Civil Aviation, bringing administrative operations to a halt. Had they attacked the airport operations and navigation systems, the results could have been catastrophic. Nevertheless, these attacks may well be an Iranian warning of the deluge that will come next time.
There is a possibility that some other country than Iran launched the attack. Perhaps, for example, the Russians were the source of the virus, and were merely practicing their capabilities in a way that would cast suspicion on the Iranians rather than themselves. Or perhaps it was the Chinese doing the same thing. The problem with those speculations is that the Russians, Chinese, and Iranians are all allies, and it is hard to believe that either Russia or China would jeopardize the alliance should Iran discover their culpability. Who else might have been the source? Not Israel, since there is a budding, sub rosa alliance between Israel and Saudi Arabia. The remaining list of possible malefactors becomes vanishingly small. The greatest probability is that Iran was indeed the vandal.
What could the Iranians’ motivation have been? What were the causes of their hostility? Let us count them.
The Background of the Iran-Saudi Arabia Enmity
The Saudis, being Sunnis, and the Iranians, being Shiite, already require very little excuse to strike at each other. The enormity of the hostility between the two Islamic sects defies understanding given their minuscule differences in theological beliefs. Perhaps the video below, produced by the Council on Foreign Relations, can help explain the intensity of the rivalry.
As you may have picked up from the video, Saudi Arabia and Iran are at the very heart, indeed are the respective leaders, of the Sunni-Shia conflict.
However, there are other more recent causes for enmity. Following the Iranian Revolution of 1979, relations between the two countries deteriorated steadily, with Iran accusing Saudi Arabia of being an agent of the United States. Saudi Arabia has historically had close ties to both the United States and the United Kingdom, so it was natural for Iran to duplicate its hostility to the United States and the rest of the West with Saudi Arabia. During the Iran-Iraq war of 1980-1988, Saudi Arabia provided Iraq $25 billion to fight Iran. This mutual hostility has been displayed in other acts like the attempted assassination of the Saudi ambassador to the U.S. in 2011, and like the execution of the Shiite cleric Nimr al-Nimr by Saudi Arabia in January of this year. Al-Nimr was thought by the Saudis to be seeking “foreign meddling” by Iran for the benefit of Saudi Shiites, and his execution triggered Iranian demonstrations leading to the burning of the Saudi embassy in Teheran. Following the burning of its embassy, Saudi Arabia broke diplomatic relations.
If Saudi Arabia becomes convinced Iran was the originator of the cyberattack, they almost certainly would retaliate. The question is how, and what is the potential for that retaliation to get out of hand. There is only a narrow strip of water in the Persian Gulf separating them, with the U.S. Fifth Fleet smack dab in the middle.
How the U.S Could Get Involved
Given how the Obama administration has so irresponsibly encouraged Iran in its search for regional hegemony, the incoming Trump administration would be ill-advised to simply ignore Iran’s provocation. As Obama learned to our cost, such a turning away of American attention only invites would-be empire builders to extend their reach. In this current period of history, one of the easiest ways for one state to strike at another is by launching a malware attack against the opposition’s computer systems. This is especially true for an economically less-developed country attacking a more highly developed country, a country which is also more vitally dependent on computer systems for its health and well-being. Iranians have already been charged with a cyber attack on systems needed to operate a New York Dam, as well as coordinated attacks on dozens of U.S. banks, disrupting their operations.
Should the Iranians become skilled in the disruption of vital computer systems, consider how many ways in which they could interfere with, and indeed in some cases even threaten, American lives.
- Disruption of first responder communications.
- Disruption of traffic controls (traffic lights, railroad traffic controls, etc.)
- Disruption of air traffic control.
- Disruption of electrical power transport through the interstate power grid.
- Disabling of Hospital computer systems.
- Disabling the functioning of American banks.
- Loss of corporate control over inventories.
- Loss of patient medical information.
- Shutting down the internet.
- Theft of intellectual property.
- Destruction of financial databases, in which the debts and assets of most Americans are recorded. If these are destroyed (and they do not all reside on bank computers. Where is the deed to your house recorded?), every American would find a large fraction of his/her wealth evaporated.
These are just a few of the ways which a poor state like Iran could bring a richer, more powerful state like the United States to its knees. Although there are ways in which we can make such assaults more difficult or even impossible, the ingenuity of the human mind can often find ways around countermeasures. Because this means there will always be the threat of catastrophic cyber attack, the United States would be far safer to warn Iran, and by implication Russia, China, and any other opponent of the United States, that any such massive attack would be answered even more massively.
Because states like Iran are generally less susceptible to cyber attack, any retribution that would be even more massive could not be limited to a cyber assault alone. Indeed, the damage and loss of life from the kinds of attacks listed above would constitute a true, just casus belli. Such an attack would justify air, missile, and even ground attack to eliminate the threat. Donald Trump and his administration should leave Iran and its allies Russia and China no doubts about such a response.
Views: 1,982