By Jubin Katiraie
The US military’s cyber forces launched a digital strike against Iran’s military computer systems on Thursday, at roughly the same time that Donald Trump cancelled a conventional military strike in retaliation for Iran’s takedown of a US surveillance drone.
Two US officials said that the cyber strikes were approved by Trump, while a third provided the outlines. The trio spoke anonymously because they are not authorized to speak publicly about the action.
These cyber attacks have disabled Iran’s computer systems controlling its rocket and missile launchers; specifically, those operated by the Iranian Revolutionary Guard Corps (IRGC). The IRGC, which the US blames for the oil tanker attacks earlier this month, was designated a foreign terrorist group by the US earlier this year.
There was no immediate reaction from Iran.
Tensions have been rising between the US and Iran ever since the US withdrew from the 2015 nuclear deal last year and began reimposing sanctions as part of a “maximum pressure” campaign to bring Tehran back to the negotiating table for a fairer agreement that deals with Iran’s other malign activities, including its ballistic weapons programme, regional warmongering, support for terrorism, and human rights abuses.
These are just the latest example of cyber attacks between the two nations. In recent weeks, hackers believed to be working for Tehran targeted US government agencies and private firms linked to the finance and energy sectors. According to cybersecurity companies CrowdStrike and FireEye, this began shortly after the US increased sanctions on Iran’s oil industry in May. It is unclear whether the hackers gained access to the targeted networks through their spear phishing campaign.
John Hultquist, director of intelligence analysis at FireEye, said: “You can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about what’s going to happen next, about what the US’s next move will be.”
The Iranian actor responsible, called “Refined Kitten” or APT33, has spent years targeting the energy and defence sectors of the US and its allies, including Saudi Arabia and the United Arab Emirates.
Cybersecurity and Infrastructure Security Agency Director Christopher C. Krebs said he has been working with the intelligence community and cybersecurity partners to monitor Iran’s cyber activity and ensure the safety of the US and its allies.
While the National Security Agency said: “In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defences are in place.”