How Can Iran Respond to the Surge in Cyberattacks?

Nidal Kabalan

A recent surge in cyberattacks targeting Iran’s nuclear program, military facilities and assets around the country heralds a new escalatory phase of state-of-the-art hybrid warfare. This means of combat is fast becoming an alternative for the conventional military confrontation everyone is trying hard to avert for their own reasons.

A major cyberattack earlier this month against the jewel of Iran’s nuclear enrichment program at Natanz, coupled with sabotage operations and explosions on a number of military assets around the country, versus a huge explosion aboard a US navy vessel in San Diego, California, serve as examples of what seems to be becoming a recurrent theme in the foreseeable future as tension between Tehran and its adversaries reaches new levels.

Natanz: the Most Serious Cyberattack So Far on Iran’s Nuclear Assets

The cyberattack on Natanz wasn’t the first and most certainly won’t be the last such operation trying to halt or maim Tehran’s nuclear aspirations. In June 2019, the US launched a cyberattack on Iranian weapons systems on as US President Donald Trump abandoned risky air strikes on the country, according to American reports at the time.

Although the specific details of the damage resulting from the recent cyber strike on Natanz has been tightly guarded, the last such attack against Iran is believed to have disabled computer systems controlling rocket and missile launchers. The US administration then said that its action was in retaliation for the shooting down of a US drone as well as attacks on oil tankers that the US has blamed Iran for.

American Sanctions are Also Crippling Iran

The US administration has coupled its cyber warfare against Iran with a new set of stifling sanctions that it claimed were needed in order to “prevent Tehran from obtaining nuclear weapons”, and economic pressure would be maintained unless Tehran changed course. Despite Iran’s repeated assertion that its nuclear program is peaceful, and insistence that it does not seek or condone the possession of nuclear arms “at least for religious reasons,” the US and other regional as well as Western powers remain suspicious of Tehran’s claims. Israeli Prime Minister Benjamin Netanyahu in particular, has been vigorously campaigning against Iran’s nuclear and missile programs, urging his staunch ally Trump to join in a major military operation against Iranian nuclear facilities as well as strategic missile compounds and launcher sites.

Trump’s Decision to Pull Out of the Iran Nuclear Deal

In 2015 Iran reached a deal with six powers — the US, UK, France, China, Russia and Germany — that saw it limit its nuclear activities in return for sanctions relief. The deal restricted Iran’s enrichment of uranium, which is used to make reactor fuel but also nuclear weapons. It was also required to redesign a heavy-water reactor being built, whose spent fuel would contain plutonium suitable for a bomb, and allow international inspections.

Trump abandoned the deal in May 2018 and reinstated US sanctions. He wanted a new deal that would also curb Iran’s ballistic missile program and curtail its involvement in regional conflicts.

Iran refused and saw the value of its currency plummet and its inflation rate soar as the sanctions took effect. When the sanctions were tightened in May 2019, Iran took the first of five steps to “reduce” its commitments under the deal that related to uranium enrichment.

Earlier this year Trump reiterated that he did not want confrontation with the Iranians. “If Iran wants to become a prosperous nation…it’s OK with me,” Trump said. “But they’re never going to do it if they think in five or six years, they’re going to have nuclear weapons.”

“Let’s make Iran great again,” he added, echoing his campaign slogan from the 2016 presidential election. Trump’s sugarcoated remarks fell on deaf ears in Tehran. In January 2020 that the accord moved towards total collapse.

US-Iran Tensions are Likely to Only Get Worse

Tensions between Washington and Tehran escalated much further after a US drone strike in Iraq killed key Iranian general Qasem Soleimani. Iran responded with missile strikes Iraqi bases housing US troops and subsequently declared that it had suspended its final commitment on uranium enrichment. But it stressed that it was ready to reverse course if the US sanctions were lifted.

In response, France, Germany and the UK triggered the nuclear deal’s formal dispute resolution mechanism: the first step towards reinstating international sanctions. Iran warned the Europeans that if they abused the mechanism they would face “consequences”.

The US Department for Homeland Security warned that Iran was stepping up its own cyber-attacks on the US. Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency, said “malicious cyber activity” was being directed at US industries and government agencies by “Iranian regime actors and their proxies”. The long and capable long Iranian cyber arm was all too evident in the incident, pundits argued at the time.

They were using “destructive ‘wiper’ attacks”, he said, using tactics such as “spear phishing, password spraying and credential stuffing” in a bid to take control of entire networks. Iran has also been trying to hack US naval ship systems, the Washington Post reported.

The American Maximum Pressure Campaign

The reinstatement of US sanctions last year — particularly those imposed on the energy, shipping and financial sectors — caused foreign investment to dry up and hit oil exports. The sanctions bar US companies from trading with Iran, but also with foreign firms or countries that are dealing with Iran.

The US has launched a series cyberattacks on Iranian weapons systems as Trump pulled out of airstrikes on the country. Besides the United States, Israel and Saudi Arabia are believed to have condoned and contributed to the cyber attacks on Iran; at least this is what the Iranians believe and point fingers at.

The cyberattack last December disabled computer systems controlling rocket and missile launchers, the Washington Post said. It was in retaliation for the shooting down of a US drone as well as attacks on oil tankers that the US has blamed Iran for, the New York Times reported. There is no independent confirmation of this damage to Iranian systems.

The US is tightening the sanctions it had imposed on Tehran, and is set to impose further sanctions on Iran that Trump has described as “major”. He said the sanctions were needed to prevent Tehran from obtaining nuclear weapons, and economic pressure would be maintained unless Tehran changed course.

What are Iran’s Retaliatory Options if Attacks Continue?

Analysts and Iranian affairs experts point out that Tehran is not short of cards should it decide to retaliate to the recent surge in cyber attacks against its nuclear and military facilities. Iran, many observers argue, remains the strongest power in the Persian Gulf and Iraq, along with a strong presence in Lebanon and definitely in Yemen and Syria, where its role received a major boost last week through signing a strategic joint defense deal with Damascus.

Iran has hundreds of thousands – maybe millions – of faithful allied fighters under an array of armed groups and organisations, and could easily target US as well as other interest across much of the region. Recent attacks targeting US convoys in Iraq, ammunition depots in northern Syria belonging to US troops as well as US-backed Kurdish forces, renewed Houthi drone and ballistic missile strikes against strategic Saudi oil installations as well as key military basis, are only a few examples of unilateral or joint military retaliatory actions at Tehran’s disposal, let alone the capability to hamper or if necessary block maritime operations in the vital Straits of Hormuz waterway through which some 40 % of the world’s oil supplies are transported.

Tehran accuses the US, Israel and Saudi Arabia of being behind recent cyberattacks and explosions across Iran. A senior Iranian military commander commenting on the huge explosion aboard a US navy vessel, the USS Bonhomme Richard, in San Diego, California last week, insinuated that the deadly fires were a “Godly reprisal” for America’s crimes against Iran and humanity. Although an Iranian connection to the incident remains a far-fetched possibility, Tehran has a long military and intelligence arm, along with a sophisticated cyber capability that could inflict serious harm and damage over its adversaries in the region and beyond.