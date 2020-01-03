Loading...

For years, US tensions with Iran have held on to a sort of frenzy. But the drone assassination of Iranian general Qasem Soleimani, widely recognized as the second most powerful figure in Iran, has dangerously heightened tensions. The world is now waiting for an answer from Iran, which seems likely to make new use of a tool that the country has already deployed for years: its brigades of military hackers.

In the wake of Thursday's strike, military and cybersecurity analysts warn that Iran's response could include, among other possibilities, a wave of disruptive cyber attacks. The country has spent years developing the capacity to carry out not only the massive destruction of computers, but also potentially more advanced, though much less likely, attacks against critical western infrastructure such as power grids. and water networks.

"Cyber ​​is definitely an option and it is a viable and likely option for Iran," said Ariane Tabatabai, political scientist at the RAND think tank that focuses on Iran. Tabatabai highlights the asymmetrical nature of a conflict between Iran and the United States: Iran's military resources are depleted, she argues, and there is no nuclear weapons or powerful state allies. This means that he will most likely use the weapons that weak actors typically use to fight the powerful, such as terrorists and non-state militias – and piracy. "If he wants to measure up to the United States, compete with him and dissuade him, he has to do it in a more equal field, and that is cyber."

"They have the capacity to cause serious damage."

Peter Singer, New America Foundation

Iran has increased its cyber warfare capabilities since a joint US-Israel intelligence operation deployed the Stuxnet malware to Natanz's uranium enrichment facility in 2008, destroying centrifuges and paralyzing the country's nuclear efforts. Iran has since put in serious resources to advance its own hacking, although it deploys them more for espionage and mass disruption than Stuxnet-style surgical strikes.

"After Stuxnet, they formed several units across government and proxies, including the Quds led by Soleimani," said Peter Singer, cybersecurity strategist at the New America Foundation. Singer argues that, while Iranian hackers had previously been restrained by the need for stealth or denial, they can now seek to send a very public message. "These forces are not equal to those of the United States, certainly, but they have the capacity to cause serious damage, especially if they are not worried about attribution, which they can indeed wish now. "

The most likely form of cyber attack to be expected from Iran will be the one it has launched several times against its neighbors in recent years: so-called designed wiping malware to destroy as many computers as possible inside the target networks. Iran has used windshield wipers like Shamoon and Stone Drill to inflict waves of disturbance in neighboring countries in the Middle East, starting with an attack in 2012 that destroyed 30,000 Saudi Aramco computers. In 2014, Iranian pirates hit the Las Vegas Sands company with a wiper after owner Sheldon Adelson suggested a nuclear strike against the country. More recently, Iranian hackers have hit private sector targets in neighboring Gulf states like the United Arab Emirates, Qatar and Kuwait, as well as Saipem, an Italian oil company for which Saudi Aramco is a client. important.

"From what we know so far about their capabilities, they are still very focused on the computer wipers." says Joe Slowik, an analyst with industrial cybersecurity firm Dragos, who previously led the US Department of Energy's computer security and incident response team.

Aside from the Sands incident, Iran has largely refrained from launching these wiper attacks against the United States itself. But the assassination of Soleimani can change this calculation. "Iran has been reluctant to prosecute the Americans and the American allied forces like Australia or NATO," said Tabatabai of RAND. "Given the scale of last night's attack, I wouldn't be surprised if it changed."

