This past May, U.S. President Donald Trump signed an executive memorandum to withdraw the United States from the Iran nuclear weapons deal started under then-President Barack Obama. With the deal ended, it was only a matter of time before U.S. sanctions would take effect, with many experts speculating on what an economic war with the totalitarian regime would entail.
Unfortunately, much of the speculation has turned towards the possibility of retaliatory measures that Tehran might invoke. While the ultimate concern is Iran’s proliferation of nuclear weapons, a far more immediate threat is the risk of an aggressive cyber attack against regional enemies and the U.S., according to many experts.
History shows that Iran has turned to these tactics before. In response to U.S. sanctions, the Islamic regime orchestrated cyber attacks against the American financial industry. While the Obama administration negotiated with Iran for the original nuclear deal, the country minimized its overt computer breaches; however, the regime continued its attacks on U.S. allies.
Iran is uniquely capable of understanding the full effects of heavy U.S. economic sanctions: its recent past with such coercion techniques devastated its economy and undermined its military strength. Analysts from the Foundation for Defense of Democracies (FDD) agree that Iran doesn’t have the strength to compete with the U.S. in conventional warfare methods, but cyber campaigns provide Iran with an equalizing force, and the regime has already demonstrated a willingness and capability to execute such attacks on the U.S. and American allies.
The analysts went on to explain that Iran first became consumed with cyber-warfare after its own nuclear infrastructure fell victim to such a breach. In the aftermath, Tehran increased investments in its own cyber capabilities, both defensive and offensive, by enlisting the help of a hacker community within its own borders.
Nowadays, intelligence specialists believe that the Islamic Revolutionary Guard Corps (IRGC) manages the majority of Iran’s cyber operations. The military branch monitors and delegates tasks to independent groups that provide an element of deniability to the government for the criminal actions taken by the hackers. These cyber specialists engage in regime-sponsored operations, criminal operations, and legitimate software development on behalf of Tehran.
Recently, Iran’s cyber unit carried out attacks against Middle Eastern governments and businesses, globally accessed universities and foreign companies operating in the Middle East (predominantly U.S.). The high-profile Shamoon 2 malware attack is believed to be the act of Iranian cybercriminals.
Going forward, cyber-security experts agree that the U.S. needs to do more to prepare for threats from Iran on the cyber-front. Some recommendations include organizing and carrying out wargames to test U.S. cyber defense capabilities, providing actionable intelligence to private sector companies that are most vulnerable to cyber-attack in order to strengthen all U.S. assets, and being prepared to respond to any large-scale cyber attacks with proportionate retaliatory attacks of our own.