Modern field guide to security and privacy

How an Iranian nuclear deal could trigger cyberconflict

What we learned from a panel discussion at the Atlantic Council about Iran’s growing cybercapabilities.

The US and other major world powers just reached an interim agreement with Iran aimed at curbing that country’s nuclear program – but experts say this might increase the risk of digital conflict in an already tense region.

The Atlantic Council held a panel discussion about the the future of Iran’s cybercapabilities on Wednesday and Passcode was the exclusive media partner. 

Here's what we learned:

A nuclear deal may inflame the risk of cyberconflict in the region. Whether or not you like the framework agreement, says James Jones, a retired United States Marine Corps general and a former US National Security Adviser, there are still many outstanding national security flashpoints in the region

There’s the war in Syria, in which Iran supports strongman Bashar al-Assad. And there’s Iran’s hostility toward Israel, support for recognized terrorist groups and for Houthi rebels in Yemen, and allegations of hostile actions in cyberspace. The US and its allies will continue to oppose Tehran on these issues, Mr. Jones said. “No nuclear deal is going to change that fact. In fact, the framework nuclear agreement in the context of rising regional tensions could actually inflame the risk of major cyberconflict in the region,” he said.

If sanctions are lifted, Jones added, it’s possible an “emboldened Iran” will “become more aggressive in supporting proxies in the region, and continue to undermine the United States allies in the region through cyber attacks.” In light of increased tensions, the US and its allies in the Gulf should prepare for more a more aggressive Iranian cyberposture, he said. That said, failing to clinch a nuclear deal is also risky. “Tensions are certain to escalate … including in the cyber domain.”

Stuxnet crippled Iran’s nuclear capability, but it also helped build its cybercapabilities. With so much attention focused on Iran’s nuclear program right now, the topic of Stuxnet – the computer worm ordered by the US to quietly attack Iran’s nuclear facilities – was at the front of many security experts’ minds. JD Work, research director at the Cyber Conflict Documentation Project, said the “unprecedented degree to which Stuxnet was discussed in the West has led to hardening measures that we are aware of, occurring at several of their nuclear facilities.” These hardening measures, he said, may reduce the ability to bring cyber options to bear against those networks in the future.

The ramped-up defense doesn’t stop at the nuclear facilities, experts said. “Stuxnet was kind of an awakening for that in cybersecurity matters, the country realized … that building the national cybercapability was just the next natural step,” said Andretta Towner, senior intelligence analyst at security firm CrowdStrike. In fact, the tools Iran was likely used to track dissidents within its borders – such as remote access tools and key loggers – are the same type of tools that are used in cyberespionage campaigns, Towner said. “We have even seen, in some cases, where an adversary previously targeting dissidents opened up its targeting to other agendas.”  

China and Russia have long been viewed as major cyberpowers, but Iran could soon be a rival. Iran’s national budget for cybersecurity has increased by 1,200 percent in the past three years, Towner said. Some notable suspected attacks include the destructive attack on oil and gas company Saudi Aramco in August 2012, in which data was destroyed on tens of thousands of computers, and distributed denial of service attacks against American banks the following year. All this means, she said, Iran “is definitely not a tier three country anymore.” If the NCAA college basketball tournament were the analogy, Towner said, “they’re into the final four.” 

Two quotes to remember:

“We do not know what a strong deterrence posture looks like in cyber. I think we’ve been talking about it or a very long time, and we have not yet demonstrated actions which would create a deterrent capability, and we have not demonstrated the political will to employ a deterrent capability in a way that would forestall future unacceptable actions by other states.” – JD Work, who wants the national security establishment in the US and European Union to come to a consensus on acceptable behavior in cyberspace – and enforce it.

“They don’t want to be one of the last countries to have adequate cybercapability. But they also maybe have obstacles in openly funding different organizations throughout the [Iranian] regime.” – Andretta Towner, who says it’s beneficial for the Iranian security apparatus to have a relationship with semilegitimate security companies because it gives them deniability for attacks – and a way to, essentially, fund an emerging cybersecurity industry in the country.

Top tweet:

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to How an Iranian nuclear deal could trigger cyberconflict
Read this article in
https://www.csmonitor.com/World/Passcode/2015/0409/How-an-Iranian-nuclear-deal-could-trigger-cyberconflict
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe