A cyberwar between the U.S. and Iran was never announced, but with the advent of the Iran nuclear deal, it suddenly stopped. However, as President Donald Trump threatens to walk away from the nuclear deal it is feared that the war might begin again, Iran News Update reports.
Although an end of Iranian cyberattacks was never the intent of the nuclear deal, it may have been a benefit, according to Robert Malley, the senior White House negotiator on the nuclear deal and now a vice president at the International Crisis Group.
“The nuclear deal was never premised on the notion that it would alter their behavior. Rather, it was based on the notion that blocking Iran’s path to a nuclear weapon was all the more critical given their behavior,” Malley said.
Cyberwar is costly. In 2014, Iranian hackers significantly damaged an American target, costing gambling mogul Sheldon Adelson millions. Adelson is a friend of Israeli Prime Minister Benjamin Netanyahu and a major Republican donor.
“They put great emphasis on tit-for-tat, measure-for-measure type of action. From their point of view, justice is poetic, and when they’re responding, they’re responding in a way that makes the connection to the initial challenge or provocation from their point of view,” Michael Eisenstadt, director of the Washington Institute’s Military and Security Studies Program and an expert on Iran was quoted as saying.
Data recovery, as well as fixing and replacing equipment, cost Adelson an estimated $40 million, according to a Bloomberg investigation of the hack. Since then there have been no known major destructive attacks by Iranian hackers against an American target. Iranian hackers may have conducted cyber espionage against the U.S., Israel, and Saudi Arabia, but it’s been limited, compared to the years that preceded the Sands attack.
Still, in 2008, the U.S., in conjunction with Israel, developed and deployed one of the most destructive cyberattacks ever revealed, the Stuxnet worm. Two years passed before it was discovered, and it caused an estimated 1,000 Iranian centrifuges to malfunction and destroy themselves. It set Iranian nuclear research back by a year or more.
Then, the U.S. imposed additional sanctions against Iran in 2010 and 2011. In response, Iranian hackers began a series of distributed denial of service (DDoS) campaigns against major U.S. financial institutions, including Bank of America, Citigroup, and PNC. A total of 46 companies were hit between late 2011 and early 2013, causing tens of millions of dollars in damage.
In 2013, Iranian hackers also accessed the online control panels of a small dam in Rye, New York, that were left relatively unsecured. However, the intrusion caused no damage, but the threat that a hacker could damage U.S. infrastructure provoked the U.S. in 2016 to employ its rarely used tactic of naming seven Iranians it deemed responsible and charging them with crimes, despite it being unlikely that Iran would extradite them.
When negotiations for the Joint Comprehensive Plan of Action, the Iran nuclear deal, had been completed, and the deal was being implemented, Iran tuned its cyber attentions elsewhere, largely to its neighbor and rival, Saudi Arabia.
While the U.S. hasn’t been attacked in the same way, Meyers said that for 10 years Iranians have conducted surveillance of U.S. targets.
“That has focused primarily on a couple of topic areas,” “Dissidents outside and inside Iran has been a continuous target, aerospace defense sector has been a continuous target, and political intelligence sources, think tanks, things . . . that have insight into U.S. policies, ”Meyers said.
Recent analysis by FireEye, another prominent cybersecurity firm, found that a new Iranian state-sponsored hacking group, has been aggressively spying on major oil companies and military contractors including companies in the U.S. and South Korea.
John Hultquist, FireEye’s manager of analysis, said, “It’s gathering espionage.”
The cyber war between the U.S. and Iran may resume if tensions reach a breaking point, experts say.
“There’s potential for this becoming an issue at any time. We’re not there yet – I don’t know if it’s four months, six months, a year, year and a half down the road. But I think there’s a good chance we’re on a collision course, and I’m pretty sure cyber will play a role,” Eisenstadt said.