Iran ‘working systematically’ to build serious cyber-attack capabilities

Revelations about malign plans by Tehran’s leaders serve as the latest confirmation of how seriously the Islamic Republic takes cyber warfare, said Professor Col. (res.) Gabi Siboni, an expert on cyber security.

By Yaakov Lappin, JNS

Recent revelations about Iranian cyber-attack plots serve as the latest confirmation of how seriously Iran takes this arena, a leading Israeli cyber expert has said.

On July 26, Sky News reported that classified documents from Iran “reveal secret research into how a cyber attack could be used to sink a cargo ship or blow up a fuel pump at a petrol station.”

The internal files also include information on satellite communication devices used by the global shipping industry and computer systems that control functions such as lighting, heating and ventilation in buildings across the world.

While the report did not reveal new unknown capabilities, they did demonstrate that Iran is “engaging with cyber warfare in a serious manner,” said Professor Col. (res.) Gabi Siboni, an expert on cyber security, military strategy and technology at the Jerusalem Institute for Strategy and Security.

“The Iranians plan to work in the cybersphere in the most beneficial way for them and most damaging manner for the targets of its attacks—and the target is not just Israel,” said Siboni.

Read  Trump’s Iran strategy could end Middle East wars

According to Sky News, the classified Iranian document was formulated by the Iranian cyber-attack unit called Shahid Kaveh, which is a part of the Islamic Revolutionary Guards Corps’ Cyber Command.

“The papers appear to reveal a particular interest in researching companies and activities in Western countries, including the United Kingdom, France and the United States,” said Sky.

“Such reports are not a surprise, but they do indicate that Iran is working in a highly systematic manner,” said Siboni.

While no state can be totally immune, Israel is highly prepared for state-sponsored, hostile cyber activity, assured Siboni. The Israeli National Cyber Directorate, which ensures that critical private and public sector sites are sufficiently protected, and the Shin Bet intelligence agency, which is involved in preventing cyber attacks, and other organizations are working to keep attackers at bay.

Israel’s cyber-defense organizations are well-drilled and thwart cyber incidents “all of the time,” said Siboni.

The last known major cyber attack occurred in April 2020, when Iran reportedly attempted to poison Israel’s water supply by increasing chlorine levels.

“The Iranians were able to infiltrate in that incident, but they were not able to carry out their plot,” said Siboni. “The level of defense is good, but there is always something to improve. Some countries are more advanced than others when it comes to cyber defense.”

Read  Why Palestinians will not have new leaders

‘The Iranians plots are not theoretical’

Israel’s size and centralized control systems mean that it is easier to defend than large countries with more complex government systems such as the United States, added Siboni.

In June, Italy announced that it was setting up a new national cyber-security agency. Israel set up its own national cyber-defense agency in 2012.

Building suitable defensive capabilities takes time, noted Siboni, and some nations could suffer significantly if targeted by Iran right now.

Iran’s cyber aggression will continue to target not just Israel but other states of conflict, such as Sunni-Arab nations. “It’s an asymmetric weapon. It can be used under the threshold of war, unlike a drone or missile attack on a ship. This makes cyber attacks comfortable to choose [as a recourse]. The Iranians plots are not theoretical,” said Siboni.

Ultimately, there is no clear distinguishing line between cyber and kinetic attacks, argued Siboni.

“Cyber is another tool. Trying to set it apart from other spheres of combat is like trying to differentiate between air power and ground forces,” he said. “One does not only fight an air war. Cyber attacks can deliver results for attackers, but in major wars, it is the kinetic strikes that will continue to dominate for many years.

Read  WATCH: How the IDF prevents weapons from being transferred to Hezbollah via Syria

“Cyber operations will support kinetic attacks,” he continued. “The cyber attacks can cause damage, including physical damage, but it will be the artillery guns and bombs that will do the most damage.”

>