The U.S has neglected an imperative consequence of withdrawing from the Iran Nuclear Deal: Cyberattacks
Following the U.S. decision to withdraw from the Iran Nuclear Deal, retaliation in the form of cyberattacks could have potentially devastating results.
When President Trump decided to withdraw from the JCPOA, most commonly known as the Iran Nuclear Deal, he was aware of the repercussions on foreign relations but neglected a very critical consequence- cyberattacks.
The Iran nuclear deal did not only prevent dangerous nuclear developments, but also fostered a greater understanding of peace and cooperation. The overall environment of improved relations and trade also included a significant decline on Iranian state-sponsored cyber attacks. Prior to the agreement, Iran had a history of inflicting powerful attacks on U.S. public and private functions.
With the abrupt axing of the agreement, it is not irrational to expect a resumption of these types of attacks as a form of retaliation from the Iranian government. Though U.S. officials are alerted by this possibility, it seems that President Trump has underestimated the potential damage of such a scenario.
On top of that, on the 21st of May, Secretary of State Mike Pompeo outlined an aggressive strategy towards Iran. Although this set of demands calls for an end to “destructive cyber attacks”, it seems that this speech is likely to serve as a provocation for further cyber-hostilities rather than as a warning.
Iran: a country with proven massive cyber capabilities
Up until today, the U.S. and Iran have been launching multiple digital attacks against one other for various purposes, from inflicting real damage to espionage. The most notable U.S. attack was the 2010 compromise of the Iranian Uranium enrichment facilities using a malware worm called Stuxnet. Since then, a large majority of Iranian attacks were not only ideologically-driven, but also a form of direct retaliation.
It is worth reviewing the most impactful Iranian cyber attacks in order to understand the country’s cyber capabilities of damaging critical infrastructure.
One of the most notable attacks was Operation Ababil, which managed to cripple the websites and subsequently operations of 46 banks in the U.S. The hacker group named Izz ad-Din al-Qassam launched Denial of Services attacks that effectively flooded the servers and spread panic.
Another prominent attack, this time on infrastructure, was in 2013, when hackers associated with the Revolutionary Guard Corps managed to gain access to the systems of a small dam in Rye Brook, New York. The Bowman Avenue Dam computers that controlled the water levels and flow gates were infiltrated, but no physical damage occurred. An attempt to do so would have failed anyway, as the systems were offline due to a repairing process. Even though there was no real harm caused by this attack, it is a great indicator of the capacity to exploit vulnerabilities in critical infrastructure.
Lastly, it is imperative to mention that some Iranian cyber attacks on infrastructure have been successful, despite not targeting U.S. systems directly. One example is a series of attacks over the last year and a half on Saudi petrochemical plants. The most serious incident occurred in 2017, when hackers seized the plant’s operational safety controls that had the potential to ignite a chemical explosion. The extent of this attack as well as its recency proves that as time progresses, Iran develops its cyber-capabilities rapidly and exponentially.
Trump’s contradicting cyber security strategy
While Europe strives to implement a robust cybersecurity framework, the Trump presidency has not yet managed to improve U.S. security systems. On May 2017, President Trump signed an executive order on cybersecurity that revised some measures on accountability and IT modernization, but lacked some essential elements such as a security plan for the private sector and most importantly- innovation. Most experts consider this order a move towards strengthening cyber security, but warn that it is not really a strategy nor does it promise speedy progress.
Since signing the order, there has been little progress and action on the issue. Apart from lacking a clear plan and the disregard of senators’ recommendations on innovative cybersecurity measures, it is evident that there is a general attitude of neglect stemming from President Trump. It was recently reported that the President’s smartphone has not been assessed for months, as he considers this process as “too inconvenient”. This stance signifies an underestimation of the potential damage that could be caused by cyber crime, yet the consequences of a security oversight could be fatal.
Moreover, the U.S.’ cybersecurity strategy has taken a contradicting form. On the one hand, there is little action on security, while on the other, President Trump often publicly stresses the importance of prioritizing cybersecurity. Nevertheless, at the time of the scrapping of JCPOA, where officials are warning about the high possibility of Iranian cyber attacks, the White House completely removed the position of Cybersecurity Coordinator. This move sparks debate on the contrasting nature of this action in times where strong cybersecurity leadership seems as important as ever.
Outlook
Undoubtedly, Iran has invested significant resources in developing its cyber-expertise, and has the ability to inflict critical damage to networks and systems. That being said, it is not certain that Iran will increase its cyberattacks due to the U.S.’ withdrawal from the nuclear deal, nor that, if it does, the success of these attacks is guaranteed. After all, the U.S., China and Russia are still the most advanced actors in the field of cybersecurity.
However, Trump’s stance of underestimating the significance of cyber threats as well as the administration’s aggressive approach towards the Iranian regime are major motivating factors for pursuing a cyber-hostile agenda. If the U.S. wants to minimize the risk of such a scenario, it should implement a comprehensive cybersecurity plan swiftly.
