If you look at military conflicts around the world over the course of history, there’s usually one type of response to being attacked: you hit back. Over the past century or so, that’s traditionally been a response involving troops, ships or aircraft.
While armed forces continue to expand technologically when it comes to modern warfare with advanced drones and smarter weapons, more and more governments are also adding cyberattacks to their arsenal. That includes major world powers like the U.S.
And after a recent incident where Iran shot down an unmanned American drone, the U.S. canceled a conventional military strike in favor of a different response. According to reports, U.S. cyber forces retaliated by attacking Iranian military computer systems in this new age of warfare.
Cyberattacks move more into the mainstream
The use of cyberattacks by world governments has gone on for years, including those targeting U.S. government agencies, businesses and infrastructure. That includes countries like Russia (elections, anyone?), China, Iran and North Korea, but it’s always been in the shadows with no claim of responsibility and therefore no direct response.
Israel changed the rules in early May, however, when they responded to a suspected cyberattack with an immediate military response. The Israeli Defense Force says they stopped a cyber offensive with an airstrike targeting a building believed to be housing Hamas operatives, then took to Twitter about their “successful cyber defensive operation.”
CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work.
HamasCyberHQ.exe has been removed. pic.twitter.com/AhgKjiOqS7
— Israel Defense Forces (@IDF) May 5, 2019
Now it’s not just about responding to cyberattacks, it’s responding with cyberattacks. This comes amid escalating tensions between the U.S. and Iran.
Fighting fire with cyber power
It’s been a particularly tense few weeks between the U.S. and Iran, from attacks on two oil tankers to an incident days later when Iran’s military forces shot down a U.S. military drone valued at $240 million. Not only that, but U.S. cyber intelligence agencies have also been reporting that Iranian hackers have recently been increasing their efforts to infiltrate critical U.S. infrastructure.
After the drone was shot down by a surface-to-air missile, President Donald Trump initially planned targeted military strikes last week but later decided against it due to the potential for casualties. First reported by Yahoo! News, U.S. Cyber Command instead launched a cyberattack against Iranian computer systems.
Sources told the Associated Press that U.S. Cyber Command targeted Iranian military computers used to control rocket and missile launches, but no government agency has commented on or confirmed those details.
There was also no confirmation nine years ago when Iran accused the U.S. and Israel of introducing a worm into computer systems that shut down centrifuges at a nuclear facility.
Defending against cyberattacks
Iranian hackers have long been a problem across the country, as the AP reports that a group of Iranian hackers was indicted in 2016 for cyberattacks on U.S. banks and a small dam near New York City. Now those attacks are reportedly ramping up.
In the past few days, the Department of Homeland Security issued a warning that hackers believed to be working for the Iranian government have been targeting U.S. government agencies and industries. Specifically, these hackers are using tricks such as spear-fishing, password spraying and credential surfing attacks (see tweet below).
Read my statement on Iranian cybersecurity threats below. pic.twitter.com/qh7Zp9DBMY
— Chris Krebs (@CISAKrebs) June 22, 2019
Of course, it’s not just organizations at risk from digital bad actors. That’s why it’s important to make sure you also know how to avoid phishing attacks, malware and ransomware.