In response to Iran’s attacks on oil tankers and the downing of a surveillance drone, the United States Cyber Command launched cyber attacks against Islamic Revolutionary Guard Corp’s missile systems, according to news reporting
Per sources, the attack crippled computers used to control some of Iran’s rocket and missile launchers. Iran immediately denied that the attack was successful, although officials confirmed that cyber attacks were transpiring. Details of how this attack was deployed remains vague, as such military equipment is generally considered a hard target not easily accessible by remote operations. Even the 2010 Stuxnet attack required a person direct access to the target to deploy the malware via a USB key. However, some have pointed out the interconnected nature of these weapons systems (e.g., radars, command and control systems, etc.) which may have at one time been connected to the Internet. It will likely be a while before more details emerge.
Regardless if the attacks achieved the commander’s objective, the incident provides insight into how states may be viewing the applicability of cyber weapons as a form of punishment for proportional retaliation. Unsurprisingly, use of cyber weapons summons the panicked clarion call that cyber war is here although the activity that has been ascribed to states or their proxies in the past has been less than spectacular. Distributed denial-of-service (DDoS) attacks, wiper malware, cyber crime, ransomware, and cryptocurrency mining are less intimidating and impressive than other more conventional weapons of war.
Also, it remains to be seen if there will be a follow-up in cyberspace, largely because response actions are generally reviewed in proportional standards. Since a cyber attack was conducted to respond to a kinetic action, there is a chance that the targeted state may not view the reciprocity scales as being balanced. As such, it is possible that an additional cyber response may follow suit. This is not a unique sentiment as a recent article raises this very point, warning that state actors or non-state sympathizers could respond with follow-on cyber attacks against public and private sector entities. With alleged hacking activities directed against a critical U.S. infrastructure target in 2016, such concerns are not without merit.
However, absent escalating and expanding cyber activities, it would be a mischaracterization to label isolated cyber attacks as a full-blown ongoing digital conflict, or “war.” Indeed, most of the activities attributed to state entities or their proxies is more reminiscent of a cyber-one-upmanship designed to dispense punishment. Like a sheepdog nipping at the heels of a wayward lamb, state-on-state cyber strikes appear more intent on registering displeasure or correcting bad behavior than defeating an adversary, or at least rendering the unable to operate in cyberspace.
Temporary loss of connectivity via a cyber attack is not equivalent to achieving digital or informational supremacy, one of the key objectives in military warfighting doctrine that seeks to enable one’s own actions while deterring an adversary’s ability to do so. It does however make a point that a transgression was experienced, and retribution was sought out and meted.
While “cyber war” still remains on the fringe, state willingness to employ cyber weapons is gaining public traction, largely because they haven’t reached a threshold of inciting a full-blown kinetic or digital war. As long as cyber attacks don’t create a disastrous effect (e.g., against infrastructures that cause loss of life), they are gaining acceptance as a viable state option in response to geopolitical events. This may be one reason that cyber attack attribution – once cautiously couched in the news – is freely given, regardless of evidence. Naming states outright relinquishes the need for secrecy over who did what to whom, as clandestine discretion is only required at the planning and operational phases.
As the veil of anonymity further sags in front of nation state cyber activity, cyber attacks are proving to be best leveraged as a tit-for-tat exchange or covert action than a tool of deterrence. Failing to understand the practical applications of cyber attacks occurring in the present risks understanding the evolution of how they can and will be used short of state-on-state conflict. And that period of time is the one that should concern us all.
About the Author
Emilio Iasiello has more than 12 years’ experience as a strategic cyber intelligence analyst, supporting US government civilian and military intelligence organizations, as well as the private sector. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in peer-reviewed journals and blogs. Follow Emilio on Twitter