In the past weeks, much attention has gone toward the possibility of tensions with Iran spilling over into cyberspace. But the reality is that cyber warfare with Iran is already more than a decade old. The question is not, “Could it happen?” but instead, “What will the next chapter bring?”
The origin of a cyberwar with Iran can be traced back to the 2009 Stuxnet attack on Iran’s Natanz uranium enrichment plant which disrupted its development of nuclear weapons. The attack has largely been attributed to Israel and the United States. Since that time, Iran, which presently does not have the sophisticated cyberwarfare capabilities of the United States, Russia and China, has nonetheless vastly expanded its cyberwarfare program.
In 2012 and 2013, Iranian hackers attacked large American banks such as Bank of America, JP Morgan Chase, Wells Fargo and Citigroup through a denial-of-service attack that temporarily took their computers offline. A denial-of-service attack renders a website inoperable by flooding it with excessive traffic. Seven Iranians were indicted by a New York grand jury for these attacks.
Also in 2013, Iranians hacked into the control system of a New York dam. In 2014, Iranian hackers attacked the computers of the Las Vegas Sands Corp. whose CEO, Sheldon Adelson is a vocal supporter of Israel who has advocated for a hard line against Iran.
In 2018 nine Iranians were indicted on charges related to the hacking of hundreds of universities and companies in an effort to steal data. And in 2019 Iranian hackers attacked 30,000 computers at Saudi Aramco, the world’s largest oil company, destroying data and temporarily halting half of Saudi Arabia’s oil production. According to the Defense Department’s Cyber Command, Iran has surreptitiously been probing a wide swath of American infrastructure such as the electric grid as well as government and corporate computer networks.
Iran Briefing | News Press Focus on Human Rights Violation by IRGC, Iran Human Rights