Cyber Warfare Role in Iran

“Cyber Warfare has been started in Iran, and it has taken some serious turns. What are those, and what happened? Let’s talk!”

The US and Israel have no qualms about using their military might to strike Iran.

US Central Command has been sharing images and videos of the various weapons, aircraft, and ships being utilized on social media every few hours.

However, when it comes to what is going on in cyberspace, the US and Israel are far more evasive.

Cyber operations are hardly mentioned in hours of speeches, news conferences, and dozens of social media posts.

However, Iranian hackers claim to have launched their first significant cyberattack on a US business during the crisis on Stryker, a US medical technology company.

And as US Central Command Commander Admiral Brad Cooper recently implied in a news release, cyber is in fact playing a big part in this conflict.

Brad Cooper, Admiral, US Central Command

“We keep attacking Iran from space and the internet to the seabed.”

Here is what we know about the several kinds of cyber operations that are being conducted, along with some insights into contemporary warfare.

Before the firing of missiles

It is well known that hacking and cyber-espionage contribute significantly to “pre-positioning” for conflict.

In a news conference, General Dan Caine, the chairman of the Pentagon’s Joint Chiefs of Staff, explained how months or perhaps years of preparation went into creating the so-called “target set” for strikes, which made the war possible.

Hackers from the US and Israel may have gained access to important Iranian computer networks well in advance of any planned actual attack.

High-priority targets would have been computer networks used for military communications or air defense.

Unnamed sources told The Financial Times that Israel had hacked traffic cameras and CCTV to build a massive surveillance network and identify the “patterns of life” of Ayatollah Ali Khamenei and his commanders in advance of the operation that killed him.

Sergey Shykevich, Threat Intelligence Expert, Check Point, Cybersecurity Company

Because they “offer real-time situational awareness of streets, facilities, and movement at very low cost,” internet-connected cameras are now a target in cyberwarfare.

This type of information, according to commentators, would be utilized in conjunction with more conventional intelligence, including that obtained via human spies.

Tal Kollender, Former Israeli Military Cyber-Defence Specialist, Remedio, Founder of Cybersecurity Platform

“Cyber is typically a force multiplier that helps create the information environment and supports operations taking place on the ground rather than being the decisive weapon on its own.”

Following the initial strikes, Gen. Caine called US Cyber Command and US Space Command personnel the “first movers” who disrupted and “blinded Iran’s ability to see, communicate, and respond” in a press conference.

For example, some observers claim that mobile phone towers were turned off or jammed to keep the Ayatollah’s security crew from being alerted to impending jets.

Although this has been observed in other conflicts, such as the crisis in Ukraine, it is not confirmed.

In a more recent news conference, US Defense Secretary Pete Hegseth boasted that Iranian military personnel “can’t talk or communicate, let alone mount a coordinated and sustained offensive.”

The remarks are similar to what President Trump said about how successful the kidnapping of Venezuelan President Nicolas Maduro was.

 

Pete Hegseth, Secretary, US Defence

“Because of our competence, Caracas’ lights were mostly shut off.”

The president went so far as to commend his cyber forces for that particular operation in the recently released US Cyber Strategy, claiming that they rendered “our adversaries blind and uncomprehending during a flawless military operation.” However, it is unclear whether he was referring to a cyberattack.

Additionally, Israel is suspected of hacking BadeSaba, a well-known Iranian prayer-timing software with 5 million users.

Report

Users received a push notification stating “help has arrived” as soon as the bombs started to go off.

This week, Secretary Hegseth discussed the ongoing operation of “hunting for more systems to kill” and how cyber may play a part in this stage of the war, with operatives using open source intelligence, satellite imagery analysis, and cyber-espionage to locate military targets in Iran. Secretary Hegseth has held numerous press conferences outlining the scope of powers the US has.

This work also likely makes extensive use of Artificial Intelligence (AI) techniques. Hegseth may have hinted at this once more when he complimented an intelligence agent he observed in action.

Pete Hegseth, Secretary, US Defence

“I was speaking with a young colonel who is refining our strategy for identifying and correcting various aspects of what the Iranians are attempting.”

Fog of cyberwar

Significant cyberattacks against Iran have long been carried out by the US and Israel, who are notoriously covert about them.

For instance, officials are still evasive on the 2010 devastating Stuxnet attack on Iran’s nuclear enrichment facilities.

Additionally, Israel has been accused of employing the hacktivist organization Predatory Sparrow to cause a meltdown at Iranian steel factories in 2022.

 

Tal Kollender, Former Israeli Military Cyber-Defence Specialist, Remedio, Founder of Cybersecurity Platform

“A nation runs the danger of disclosing methods, access points, or intelligence sources that could be swiftly shut down by enemies if it publicly details its capabilities or particular operations.” “The value of a capability in cyberspace frequently rests on the opposite side’s ignorance of how it operates.”

 

In spite of this, the material the US is revealing has pleasantly pleased Dr. Louise Marie Hurel of the Royal United Services Institute.

However, she contends that the war has demonstrated that in order to uphold rules of engagement, cyber should be discussed in the same manner as conventional combat.

Dr Louise Marie Hurel, Royal United Services Institute

This is a chance for us to have a more open discussion about the strategic benefit and support that cyber offers in larger military operations and emergencies. “The issues of proportionality, the laws of armed conflict, and what constitutes a use of force can be clarified if cyber is openly recognized as a crucial component of the strike package.”

Where is Iran?

Iran has been conspicuously missing in the cyber sphere, which is a perplexing aspect of the ongoing conflict.

The hacking of Stryker, a significant US medical technology business, was originally disclosed on Wednesday and is now the most prominent attack associated with the country.

Iran has long been considered a strong cyberpower, and while the Western cybersecurity community is prepared for attacks by the state or state-affiliated hackers, there hasn’t been much action thus far.

In the Stryker incident, a message alleging that data had been deleted in a “wiper” attack by an activist organization sponsored by Iran was posted on the company’s employee login and repeated by Iran’s state TV.

Stryker stated that its devices were safe to use and that it was trying to put an end to the inconvenience in a Thursday morning update.

Iran has either been overestimated or rendered crippled by alleged Israeli strikes, as it seems unlikely that they are holding back in this conflict.

Attacks such as the 2012 breach of longtime foe Saudi Arabia’s oil firm Aramco, which utilized wiper software to destroy 30,000 systems, have earned them notoriety.

The medical technology company Stryker was reportedly the target of a wiper malware attack on Wednesday by the Iranian-affiliated hacking organization Handala.

Iran has been charged with trying to interfere with vital national infrastructure to cause physical harm, in addition to wiper attacks.

Hurel warns against discounting Iran’s potential for direct or vigilante hacker group retaliation.

Dr Louise Marie Hurel, Royal United Services Institute

“I wouldn’t draw hasty judgments about Iran because there has been a lot of hacktivist activity, and recent public reporting has revealed that patriotic hacker personas have occasionally been utilized as a front for state-affiliated organizations.”

About The Author

Suraj Koli is a content specialist in technical writing about cybersecurity & information security. He has written many amazing articles related to cybersecurity concepts, with the latest trends in cyber awareness and ethical hacking. Find out more about “Him.”

Read More:

Google Patches Two New Chrome Zero-Day Vulnerabilities Exploited in Real-World Attacks

About Author