We've detected you are on Internet Explorer. For the best Barrons.com experience, please update to a modern browser.

Iranian Cyberattacks Are Coming, Security Experts Warn


COMMENTARY
  • Order Reprints
  • Print Article
Illustration by Kelsey Niziolek
Text size

Iran’s campaign of terrorism, sabotage, and cyberattacks has been building for months. In May of last year, as the United States government deployed the USS Abraham Lincoln and B-52 strategic bombers to the Middle East, we Iran would continue to press its advantage and test American resolve. It has done just that. There is more to come.

Since May, Iran has shot down a U.S. drone, launched a major missile attack against Saudi Aramco, killed an American contractor in a rocket attack in Iraq, and attacked the U.S. Embassy in Baghdad, to name just a few. And while there is not clear reporting about Iran launching a significant cyberattack against the United States in recent months, such an attack is likely.

777彩票地址Over the last decade, Iran has repeatedly hit the U.S. and our allies with both disruptive and destructive cyber attacks. They have done so with precious few impactful public consequences. In 2012 and 2013, Iranian hackers engaged in nearly weekly distributed denial of service attacks on U.S. banks and went after a dam in Rye Brook, New York. In 2014, Iran attacked the Las Vegas Sands Corp., destroying data and bricking computers. These attacks mirrored Iranian efforts against Saudi Arabia in 2012 and 2018, and were supplemented more recently by the targeting of American critical-infrastructure companies and others for long-term penetrations.

777彩票地址Iran has been outed publicly for these cyberattacks. But like our historically limited response to physical attacks against American soldiers in Iraq by Iranian proxies since 2011, the U.S. government’s reaction has largely been restricted to alleged covert or clandestine cyber responses and economic sanctions.

777彩票地址That, of course, ended in a big way in recent days with U.S. airstrikes on Iranian proxies and the drone strike killing Iranian military commander Qassem Soleimani and others. For the first time in recent memory, the president sought to impose clear military costs on Iran designed to stop attack planning and deter further aggression. Secretary of State Mike Pompeo told the press and the public that the United States had intelligence Soleimani was in Baghdad to plan attacks against Americans and our interests throughout the region.

What is not surprising about these events is how we got here. Iran’s ever-more provocative activities were designed to see just how far they could push the United States. Having watched the United States largely ignore Russia’s invasion of Ukraine, China’s building of artificial islands in the South China Sea, numerous North Korean missile and weapons tests, and the Russian efforts to manipulate U.S. elections in 2016, Iran estimated that the U.S. response would likely be no more than stiff words, new military deployments, covert cyberattacks, and economic sanctions.

777彩票地址They were wrong. The president took stiff action and has said he is willing to do so again. So what does Iran do in response now that the U.S. has laid down a clear marker? And what can American industry do to prepare for the inevitable?

777彩票地址Given Iran’s long history of conducting large-scale cyber campaigns, and the fact that they should (correctly) assess that the president is willing to take the fight to them, Iran’s retaliation will likely be calibrated to avoid provoking a crushing U.S. response. While Iran’s action might take the form of an overseas terrorist attack, we believe that a more limited cyberattack against the U.S. government, U.S. companies in key sectors, or our allies in the region—or all three—is more likely.

777彩票地址If we are right, and Iran is preparing just such an attack, American industry and the government needs to work fast to get ahead of it. Iran’s history of cyber activities suggests they are likely to target key areas like financial services, energy, oil and gas, health care, and core federal systems, including the Department of Defense and its industrial base. Iran’s response is likely to be sustained, as it feels the need to be seen to be responding substantively to the U.S. strike.

777彩票地址Expecting individual companies to defend themselves against a nation state with virtually unlimited financial resources and human capital does not make sense. Yet today that is our national policy in cyberspace. This is so even though, in every other context, defense against nation-state attacks is the province of the government. We don’t expect Target or Walmart to have surface-to-air missiles to defend against Russian Bear bombers. Yet when it comes to cyberspace, we expect exactly that of every American company, large or small. This is due in part, to the fact that the government simply cannot see attacks against critical infrastructure in time to block the attack, as we can do in the physical space.

777彩票地址In the long run, as a nation, we need to change this and provide the government with the ability to have real-time situational awareness of cyberspace to “provide for the common defense.” Given where we are today, though, the key thing companies can do immediately is to implement systems and capabilities to work together—across companies and industries—to share actionable threat intelligence in real time, at machine speed. Such sharing can allow the detection of unknown threats by leveraging cross-domain knowledge and will allow smaller companies to leverage the capabilities, investment, and human capital of larger players, while allowing those companies access to the broader footprint of the numerous smaller players being targeted by savvy attackers looking for less well-defended targets.

777彩票地址Such a collective defense capability, of course, should also have major participation from the government. Washington has for too long talked about classified threat-sharing but has yet to take action in a major way across multiple sectors. Given the threat, now seems like a good time to start sharing actionable, classified threat information with vulnerable industries at speed and scale. In many ways, doing so would be a strong first step to establishing the kind of relationship between government and industry that could eventually permit the creation of the kind of situational awareness needed for full-scale national defense.

These actions won’t eliminate the risk, but they will make our nation more defensible. And given the threat we likely are facing in the near term, there could hardly be a more important task ahead for government and industry alike.?

Gen. (Ret) Keith B. Alexander is the former director of the U.S. National Security Agency and the founding commander of United States Cyber Command. He currently serves as chairman and co-CEO of IronNet Cybersecurity, a startup technology company focused on network threat analytics and collective defense.

Jamil N. Jaffer is the former chief counsel of the Senate Foreign Relations Committee and a former associate counsel to President George W. Bush. He currently serves as vice president for strategy, partnerships, and corporate development at IronNet Cybersecurity.

Commnts? mailto:editors@barrons.com


7072彩票开户 7k彩票网网址 963彩票开户 7073彩票网址 689彩票邀请码 7073彩票注册 8炫彩彩票app 7073彩票登录 66顺彩票app 6d彩票开户登陆