Iran’s Cyber Revenge

In 2010, the United States and Israel reportedly attacked Iran’s nuclear enrichment center using a computer worm that caused about 1,000 centrifuges to self-destruct.  From recent reports by cybersecurity firms Norse and Cylance*, it appears that Iranians have begun a cycle of cyber retaliation. Unlike nuclear technology, cyber tools provide Iran with a usable weapon with the added bonus of plausible deniability.

The New York Times examined the Norse and Cylance* reports, as well as information gathered from American intelligence officials, and detailed their findings in an article on Iran’s recent cyber developments.  According to the article, despite international sanctions, Iran has greatly increased the frequency and skill of its cyberattacks.

American intelligence officials are concerned about Iran’s cyber capabilities, but according to the article, the concern has nothing to do with sophistication.  While Iran’s cyber capabilities are not as advanced as Russia or China, their attacks are the most concerning because they are aimed more at destruction. The destructive cyber attacks are the category of attacks that could escalate into attacks on critical infrastructure.

Norse and Cylance* report the same thing: Iran’s cyber attacks are politically motivated with a focus on retaliation.  Iran is believed by many to have attacked American banks in retaliation for sanctions. Iran has also been identified as the source of the 2012 attack on Saudi Aramco, in which hackers wiped out data on 30,000 computers, replacing it with an image of a burning American flag.

However, the reports also indicate a move away from ostentatious attacks toward quieter reconnaissance.  As for the degree of escalation, the reports are mixed.  Cylance* reports that in the recent months (potentially due to the recent nuclear negotiation talks) there has been a notable drop in cyber activity.  On the other hand, Norse (“which says it maintains thousands of sensors across the Internet to collect intelligence on attackers’ methods”) detected more than 900 attacks, on average, every day in the first half of March, showing no signs of Iran slowing down.

There is also evidence in the reports supporting the fear that Iran will escalate cyber attacks by targeting critical infrastructure: From the NYTimes article:

In some cases, they appear to be probing for critical infrastructure systems that could provide opportunities for more dangerous and destructive attacks. . . . Cylance researchers, for example, noted that Iranian hackers were using tools to spy on and potentially shut down critical control systems and computer networks in the United States, as well as in Canada, Israel, Saudi Arabia, the United Arab Emirates and a handful of other countries. . . . Norse says it saw evidence that Iranian hackers probed the network of Telvent, a company now owned by Schneider Electric that designs software to allow energy companies and power grid operators to control their valves and switches from afar.

In 2010 the Stuxnet worm proved to be a cyber “win” for the United States, but just as in non-cyber warfare, winning the battle is not the same as winning the war.  To read the full New York Times article, click here.

For the full Norse report, click here: Norse: The Growing Cyber Threat from Iran

*It is unclear which Cylance report NYTimes is referring to, as they do not link any report to their article.  The most recent report concerning Iran is the Operation Cleaver report. The Crossroads Blog posted an in-depth discussion of this report, accessible here:  For the report itself, click here: Cylance – Operation Cleaver Report


Please follow and like us:

Tags: , , , ,

Leave a Reply

You must be logged in to post a comment.


Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. She is the 2018-9 Editor in Chief of the Syracuse Law Review, as well as a member of the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography


Follow by Email