26 January 2020

“THAT’S WHERE THINGS REALLY GET SCARY”: GAMING OUT AN IRANIAN CYBERATTACK

BY NICK BILTON

While several possible scenarios could manifest from the latest Donald Trump-led global conflict, including everything from things blowing over (unlikely) to World War III (also unlikely, but possible), the skirmish that is most probable, and the one Americans should be most worried about, would take place in cyberspace. The potential for an army of computers to produce deadly results is very real. Power grids could be shut down for days, or weeks, or indefinitely. The stock market could be knocked offline or sent into free fall by hackers. Water supplies could be poisoned; driverless cars could be used like battering rams or to mow down Americans en masse; simple corporate espionage could tank the economy. A tad dramatic? Sure. All very possible scenarios? Absolutely.

The Iranian hornet nest Trump just kicked has been training for a digital skirmish for years, according to a former State Department official I recently spoke with. As the Department of Homeland Security warned in a bulletin on Saturday, “Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets.” The agency noted that “Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”


With these kinds of attacks, the death toll could far outweigh that of typical warfare. As Ambassador Henry Cooper, the former director of the U.S. Strategic Defense Initiative and a preeminent expert on missile defenses and space weapons, has said, a successful attack on the American power grids could shut down the “U.S. electric power grid for an indefinite period, leading to the death within a year of up to 90% of all Americans,” or 297 million.

Not that Americans should necessarily brace for a full-scale cyber-onslaught from Iran. “Russia’s illicit cyber-activities are about influencing conflict; China’s cyber-activities are all about growing their economy; with Iran, it’s strictly about geopolitics, and about the facility related to the country’s black market,” explained the former State Department official. In other words, while Russia wants to sow chaos in the world, and China wants to become the biggest economic superpower on earth—and both countries will use their cyber-espionage tactics, or corporate theft, to get there—Iran is only really thinking about Iran. Having someone like Trump, who could drag the country into war, in the White House is not in the theocratic regime’s best interest. So any form of cyber-espionage that Iran might now deploy would be in the interest of getting Trump out of office in 2020—things like disrupting economic targets, prodding at the stock market, or hacking into corporations.

Iran has been under so many sanctions for so long, the former State Department official explained, that maintaining the underground apparatus that facilitates smuggling banned goods into the country is more important to its regime than getting into a bombing match with the U.S. or another neighbor. However, the person added, Iran’s cyber-war capabilities are still largely unknown. In the past, while the country has hacked into government websites, knocked out servers of corporate targets, and even broken into the email accounts of individuals who have spoken out against the regime, its hacking operations have been more akin to online vandalism—at least as far as we know. More recently, the former official said, the country has begun to expand its influence. “Iran has started to target a lot of U.S. and Western financial institutions,” the official said. “But what they’ve recently started to do more of is getting into the business of Russia-style spreading of propaganda in the United States.”

That said, the official noted, the big worry in Washington right now isn’t simply what Iran might do, but what other countries, specifically Russia or North Korea or even China, could do and then blame Iran. “There are other actors that could take advantage of this for their own personal gain. Anything that happens right now, the first [thing] people will do is point the finger at Iran, even if it wasn’t Iran that was responsible,” the former official said. Russia has sabotaged power grids in Ukraine; who’s to say Vladimir Putin, who loves to throw chaos into the abyss and watch from the sidelines, wouldn’t have his cybersecurity teams hack the United States and leave clues pointing to an Iranian perpetrator, leading to further escalation? And that’s where things really get scary.

To understand just how catastrophic a successful cyberattack could be, you first need to travel back to the Cold War between Russia and America. Back then one of the more terrifying threats was an EMP, or electromagnetic pulse bomb, which could hypothetically knock out the power grids and destroy anything with a computer chip inside. While EMPs are still a major threat (in 2017, Congress held hearings on the potential for North Korea to use an EMP to destroy our power grids after Trump escalated tensions with Kim Jong Un), the research the U.S. government has conducted to explore the outcome of such an attack is now being applied to cyber-warfare.

While the FBI, CIA, NSA, and DHS are all working toward fortifying America’s infrastructure and their own offensive capabilities when it comes to cyber-war, so are Iran, Russia, China, North Korea, Israel, and even India. A tiny example of what Iran alone can do was illustrated back in February of 2014, a few months after the casino magnate Sheldon Adelson said publicly that Iran should be on the receiving end of an American warhead due to its nuclear ambitions (Adelson is a huge proponent of Israel) and that it should be “wiped out” if it continued to develop its nuclear programs. Iran was so infuriated by Adelson’s remarks that a few months later, Iranian hackers slipped malware into the computer networks of Adelson’s casino company, shutting most of the corporate system down and costing Adelson more than $40 million.

The former State Department official explained that when it comes to superpowers like China and Russia, the theory is that anything they can do to us, we can do to them, which creates a sort of Cold War-like standoff. If Russia knocked out America’s power grids, America would do the same in return. If China came after the American economy, then the Americans would go after the Chinese economy. With rogue-type countries like Iran or North Korea, the attacks could be less drastic, and yet offer the illusion that something much worse is possible.

This past weekend the website for the Federal Depository Library Program was hacked and switched out with an unflattering image of Trump being punched in the face, with a message that said, “Hacked by Iran Cyber Security Group Hackers.” That was child’s play, likely from a single low-level Iranian engineer who wanted to spray a little anti-Trump digital graffiti. The real threats, according to tweets by a cybersecurity director from the Department of Homeland Security, are likely still to come. Though Trump appeared to have taken Iran’s missile retaliation as a victory during a press conference Wednesday morning, Iran doesn’t seem prepared to let things go. “Military operations do not suffice,” Ayatollah Ali Khamenei said, ominously. As my colleague Abigail Tracy reported, many in Washington believe the killing of Qasem Soleimani has made the world a much more dangerous place and that “a real retaliation is going to come months from now.”
