The cyber-attack by the Stuxnet worm against Iran's nuclear program, which the West suspects is designed to eventually produce nuclear weapons, was considered one of the most successful moves to date in the confrontation over the Iranian regime's nuclear ambitions. This week, however, concerns were raised at the U.S. Congress that the cyber-attack may have been the "crossing of the Rubicon" for Iran, motivating it to engage in cyber-war against U.S. targets, including critical infrastructure.
"Stuxnet may be proof of Iran's vulnerability and the effectiveness of other nation-states' cyber-arsenals. However, it would also be possible for Iran to gain some knowledge for creating a Stuxnet-like virus from analyzing its effects," Rep. Yvette Clarke (D) of New York said at the hearing of the Counterterrorism and Intelligence Subcommittee and the Cyber-security, Infrastructure Protection and Security Technologies Subcommittee, titled "Iranian Cyber Threat to the U.S. Homeland."
"This leads to fear of reverse engineering, leading to a capability of the types of cyber-attacks on U.S. critical infrastructure that could rise to the level of a national security crisis. We must be prepared for such rogue actions and be prepared on the national defense level as well as protecting our critical business operations, vital infrastructure functions and, frankly, our daily lives," Clarke said.
Clarke's colleague Rep. Dan Lungren (R) of California said he is "happy" the Stuxnet virus "was used by somebody who was a friendly," but warned that "as the victim of two recent cyber-attacks on nuclear and oil infrastructure and multiple U.S. embargoes, Iran, it would seem, would have motivation to strike out against those they think are responsible or anybody associated with those they think are responsible, or anybody who would stand on the sidelines and cheer those efforts." He added that "Iran's opportunity arises, as U.S. critical infrastructure companies have been slow to harden their assets against cyber-attacks."
Lungren reminded the committee members of the report issued in 2008 by an American security contractor which rated Iran's cyber-capability "among the top five globally." A more recent report, from December of 2011, indicated that Iran was investing $1 billion in new cyber-warfare technology.
"According to the Director of National Intelligence Director [James] Clapper, Iran's intelligence operations against the U.S., including cyber-capabilities, have dramatically increased in recent years in depth and complexity", Rep. Lungren said. "Since Iran appears to have the necessary cyber-capability, we can only hope that they will fear the overwhelming U.S. response that would surely follow such an Iranian cyber-attack against our nation."
Frank Cilluffo, Associate Vice President and Director of the Homeland Security Policy Institute at George Washington University, argued in his testimony that the level of tension appears to be rising. "We have seen an uptick in attempted and actual attacks on and assassinations of Israeli, Jewish, U.S. and Western interests from Beirut to Baku to Bangkok, and of course, the recent assassination attempt on the Saudi ambassador on U.S. soil," he said.
"Against this backdrop, getting ahead of the Iranian cyber-threat to the U.S. is all the more relevant and all the more timely. The reach of Iran's proxies has gone global. Hezbollah's activities now stretch from West Africa to the tri-border area of Argentina, Brazil and Paraguay. Within the U.S., there have been 16 arrests in 2010 of Hezbollah sympathizers seeking Stinger missiles, M-4 rifles and night vision equipment. Based on this recent activity, the Los Angeles Police Department has elevated the government of Iran and its proxies to a Tier 1 threat."
"Hezbollah's nexus with criminal activity is greater than that of any other known terrorist group. These links, including with gangs and cartels, generate new possibilities for outsourcing and new networks that can facilitate terrorist travel, logistics, recruitment, and operations, and I might note, including cyber. Authorities have noted significant terrorist interest in the tactics, techniques, and procedures of smuggling drugs and people into the United States. These developments suggest that our longstanding frames of reference, our so-called 'red lines,' have shifted."
"The Director of National Intelligence, General Clapper, was very bold in stating that Iran is now more willing to conduct an attack in the United States. And I might note that his assessment has been echoed by many others in the national security and law enforcement community of late. Iran is investing heavily in building its cyber-warfare capabilities, including standing up the Iranian Cyber Army, which is in addition to their more conventional and traditional electronic warfare capabilities, which were quite sophisticated to begin with. The recent hack of a security certificate company in the Netherlands - a Dutch company - demonstrated not only their hacking skills, but their ability to manipulate data as well."
"The good news is that if you were to rack-and-stack the greatest cyber-threats in net nations, Iran is not at the top of the list. Russia, China and others are. The bad news is, what they lack in capability, they make up for in intent and are not as constrained as other countries may be from engaging in cyber-attacks or computer network attack. And given Iran's history to employ proxies for terrorist purposes, there is little, if any, reason to think that Iran would hesitate to engage proxies to conduct cyber-attacks against perceived adversaries. If they did it in the kinetic and the physical world, you can assume that they will be looking to cyber-capacities as well."
Cilluffo explained that the Stuxnet attack "did cross the Rubicon, and certainly serves as a harbinger of what we're going to be looking to in the future. I feel we have nearly unlimited vulnerabilities, limited resources, and let's not forget we have a thinking predator and actor that bases their actions on our actions. So the best we can really do is get to the point where we're managing risk."
Ilan Berman, Vice President of the American Foreign Policy Council, said that while in Washington the question of Stuxnet's origin is still open, "from the Iranian perspective, it's not. It's very clear for Iran that the West writ large has launched an asymmetric attack on the Iranian nuclear program, and it is mobilizing as a response, mobilizing through the creation of a $1billion program to ramp up its cyber-defense and cyber-offense capabilities, the construction of a cyber-army of sympathetic "hacktivists," and leveraging attacks against entities such as Twitter, such as the Chinese search engine Baidu, such as the BBC."
"This all shows a very clear pattern of increasingly aggressive behavior. And it underscores, I think, a fundamental point, which is that Iran appears to be moving increasingly from defense to offense in terms of how it thinks about cyberspace. I would make the argument that this represents nothing less than a seismic shift in terms of how Iran thinks about the U.S. homeland."
"In his testimony, General Clapper talked about the fact that Iranian officials, probably including Supreme Leader Ali Khomeni himself, have changed their calculus and are now willing to conduct an attack on the United States. Are we ready for this? This is, I think, the most salient question of all."
"The past year has seen a dramatic expansion on the part of the United States in terms of governmental awareness of cyberspace as a domain for conflict, but this attention is still uneven, I would argue. It focuses largely on network protection and resiliency, particularly in the military arena, and on threat capabilities from China and from Russia. Serious institutional awareness of the threat from Iran and the cyber-warfare potential of Iran has lagged behind the times, and so has the governmental response to it."
Want to enjoy 'Zen' reading - with no ads and just the article? Subscribe todaySubscribe now