First it was Russia and the People’s Republic of China. Now it’s…Iran? How far behind are we falling in cyberspace, the core of a modern society? Now we’re hearing from The Wall Street Journal that Iran has been conducting an active cyberwar against us for some months. (Notice that: we didn’t hear about this war voluntarily from our government, but from a newspaper which had to tease it out of our government.)
Iranian hackers with government ties have mounted cyberattacks against American targets in recent months, escalating a low-grade cyberwar[.]
The Iranian effort culminated in a series of recent attacks against US banks as well as electronic assaults this year on energy companies in the Persian Gulf. The attacks bore “signatures” that allowed US investigators to trace them to the Iranian government, [US government] officials said.
Here are some of the battles waged in this war since the start of the year:
- January 2012: Potent but smaller-scale denial-of-service attacks against US banks
- July 2012: Cyberattack at Saudi Arabian Oil Co. unleashes a virus called ‘Shamoon,’ destroying data on 30,000 computers
- August 2012: Cyberattack at Rasgas, a Qatari natural gas company, disabled websites and email system
- September 2012: A group called “Qassam Cyber Fighters” announced plans for cyberattacks on US banks. Powerful denial of service strikes hit Bank of America Corp, JP Morgan Chase & Co., US Bancorp, PNC Financial Services Corp. and Wells Fargo & Co
- October 2012: The Qassam Cyber Fighters issued announcements, followed by cyber strikes, involving other US banks, slowing or interrupting consumer websites
A “senior defense official” said,
They have been going after everyone—financial services, Wall Street. Is there a cyberwar going on? It depends on how you define “war.”
How very Clintonesque of him.
My own speculation is that these relatively small attacks are just probes, both to test us and to test Iran’s developing cybersystems.
How well prepared are we to defeat a serious, concerted cyberattack, and how well prepared are we to go over to the offense and crush our attacker? Apparently not very well. Defense Secretary Leon Panetta said this:
An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals.
They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.
The most destructive scenarios involve cyber actors launching several attacks on our critical infrastructure at once, in combination with a physical attack on our country. Attackers could also seek to disable or degrade critical military systems and communications networks.
The collective result of these kinds of attacks could be “cyber Pearl Harbor:” an attack that would cause physical destruction and loss of life, paralyze and shock the nation[.]
Panetta says the US is putting in place systems to defeat such cyberattacks, but I have to ask: how does that work in the face of Democratic Presidential Candidate Barack Obama’s trillion dollar cuts to our defense establishment from the combination of his spending cuts for Defense and his sequestration of further Defense funds scheduled for the turn of the year?