Meanwhile, the continued integration of cyber and conventional warfare has been thrust into the headlines this year, also in the Middle East. Israel launched a missile strike to retaliate for an offensive cyber strike, while the U.S. did the opposite, responding to Teheran’s downing of a surveillance drone with a cyber strike against the country’s missile control systems.
In the conventional domain, spillover from the battlefield into the real world comes in the form of insurgency and terrorism. Such spillover is difficult to plan and execute, and it usually fails. In the cyber domain, attacks can be mounted on soft targets worldwide with relative ease. Iran is learning this fast.
In the wake of its strike on Iran, U.S. Cyber Command issued a warning to Outlook users that a (likely) Iranian hack was targeting millions of unpatched systems. Iran doesn’t need to counter hard targets to hit back.
Last month, the Cybersecurity and Infrastructure Security Agency (CISA) within the DHS issued a blanket warning about a “recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies… using destructive ‘wiper’ attacks, looking to do much more than just steal data and money.”
CISA warned that “these efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”
Also last month, the National Security Agency confirmed that “there have been serious issues with malicious Iranian cyber actions in the past. In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place.”
And it’s not just the U.S. The U.K. blamed Iran for a concerted cyber attack last December on major government and commercial organizations.
Iran’s ability to retaliate against the U.S. government is limited, but Teheran has proven to be the ultimate pragmatist when it comes to finding ways to tackle the threat of the U.S. Lining up China’s cyber support would certainly fit that bill.
Offensive cyber capabilities have long been the most sensitive and nationalistic of government activities, clouded in secrecy and deniability. If Iran finds Beijing open for business, beyond rhetoric and public support, and can genuinely tap into China’s expertise to become the ultimate cyber proxy against the U.S., the dynamics of that particular conflict will change significantly.