If you assassinate a senior political leader in 1914, you can expect a traditional war to follow. If you assassinate a senior political leader in 2020, it would be foolhardy to assume that only a traditional war will follow.
So as the U.S. prepares to deal with fallout from the killing of Iranian General Qassem Soleimani, we must assume, anticipate, and expect that a primary mode of retaliation from Iran will be a cyber attack. And we must prepare for civilians to be caught in the crosshairs.
Most Americans have no idea how to protect themselves from any kind of cyber crime, let alone an offensive, aggressive, and intentionally overt retaliatory attack. Here’s what you need to consider.
“We have been at war with Iran for more than a decade, and people just didn’t realize it,” says James Lewis, the Senior Vice President and Director of the Technology Policy Program at the Center for Strategic and International Studies.
The U.S. and Israel targeted Iranian nuclear facilities with the Stuxnet attack in 2009; the attack was intended to cripple Iranian efforts to enhance their nuclear arsenal. For a time it worked; however, as a result, Iran has been improving its own cyber-capability. Like every new weapon introduced in every war theatre in our recorded history, the weapon that once helped gain an advantage can and is now being targeted against us.
“Iran has been linked to global financial attacks as well as destructive attacks via wiper malware, and increasingly leverages social media for disinformation and pro-regime propaganda,” says Andrea Little Limbago, the Chief Social Scientist at Virtru.
In November 2019, reports came out that Iran was carefully and directly targeting 2,200 facilities with a strong focus on critical infrastructure and critical control systems that regulate our water and electrical grids. While Iran’s capacity to attack is not considered as sophisticated as China or Russia, Peter Singer, a strategist for the think tank New America, emphatically counters, that “to say they have no capability is nonsense.”
An Israeli general put it a slightly different way in 2017 when he said, “They are not the state of the art, they are not the strongest superpower in the cyber dimension, but they are getting better and better.”
“Cyber is the only thing that gives [Iran] the long range reach,” Lewis says. “It’s the easiest way for them to do anything in the U.S.”
The rising specter of cyber attacks and ensuing public anxiety highlights that we have very little idea about how to prepare for or respond to an attack on the individual level. The government approach to cybersecurity is largely dependent on where the attack occurs: domestic versus abroad, military versus civilian targets. However, the Department of Homeland Security will issue a statement over the threat level, like it did this past weekend, and coordinate and alert the public.
Additionally, a cyber attack with broad public implications will see similar emergency activation services like any other large public threat, such as hurricanes or snowstorms. The problem? We probably won’t know in advance, and it could take out massive aspects—even for short durations—of our critical infrastructure: power, water, television, internet, and cell phone communication networks.
We should and can trust the government to respond to aggressive overtures from a foreign nation. However, we shouldn’t allow our faith in the government to be a cover for our own ignorance about geopolitical threats. At its best, our government is a reflection of the shared intellect of its people. At its worst, it’s a reflection of the ignorance of the population.
To stay educated on cyberthreats, consider following popular resources like:
Iran has gone after commercial and enterprise related information systems. However, these are primarily in oil and gas, SCADA, and other critical infrastructure-related systems. If you work in those environments, you should be particularly cautious.
Threats from China, Russia, or other nations only have the potential to increase in the heightened state of the current environment. This is because a nation or criminal actor wishing to sow dissent could attack the U.S. and attempt to pin attribution on Iran. Chaos in the system creates opportunity for malicious actors.
This means you should follow the basics of good cybersecurity protection:
For more tips on general cybersecurity hygiene, visit Don’t Click on That.
“I don’t want to sound alarmist, but the risk of a cyber attack from Iran is higher now than it has ever been,” says Mike Sexton, Program Director at the Middle East Institute. “That’s not necessarily to say that a cyber retaliation is likely, but that we’ve been rolling dice with Iran for a decade in cyberspace, and we’ve just started using a very dangerous new pair of dice.”
The escalation of war could take a number of different scenarios, such as attacking our nuclear program which was recently put online, attacking our satellite infrastructure—which has weak defense mechanisms in place—or attacking a major city. However, Iran is currently unlikely to make an escalation of this level, according to several senior policy leaders and officials.
Instead, we should anticipate that Iran will look for high-profile events (like the U.S. election) to disrupt, or smaller targets that send a message, but don’t risk catastrophic retaliation. This may include second- or third-tier American cities like Tulsa, Tucson, or Toledo.
“[Iran is] looking for vulnerable targets in places that will get attention,” Lewis says. “It’s easier for them to target in the Middle East, but they have probed smaller targets in the U.S.”
Specifically, experts warn against attacks on our oil and gas infrastructure. Iran has ample knowledge of oil and gas infrastructure, has shown a targeted effort to hack systems that support oil and gas, and know they’re a critical foundational resource in the American economic system. As such, there’s also heightened concern about the potential targeting of those pipelines in the U.S. Disabling a pipeline could result in a disruption of service, an explosion, or cause an oil spill.
And it doesn’t need to be an actual explosion, Singer says. Sometimes the threat of an attack is enough if rumors of the attack is then propagated through social media. A tweet of misinformation can cause widespread confusion and chaos. As in all things, double check your sources. If you didn’t trust them before, don’t trust them now.
Here’s the good news: It’s unlikely that Iran will respond to the assassination with a cyber attack that will cripple the U.S. for a long period. The risk to Iran isn’t worth the unknown escalatory and retaliatory attack from an administration that’s difficult to predict. As such, we should anticipate a pointed, but smaller scale attack that will shake us, but not destroy the foundations of our country.
That being said, if we don’t learn to protect ourselves individually and collectively, educate ourselves and elect officials who can further protect us, or become wise to and aware of the state of the world around us, we’ll destroy the foundations of our country all on our own.