“US government warns of Iranian cyber response.” (From our Forums.)
Text originally published by Timothy Ogden on the Cyber Secure Central Forums.
Although recent tensions between the West and Iran have de-escalated and the risk of a new war between the USA and a Middle Eastern country, simmering resentment is likely to linger; not, of course, that there was any lack of this before the Washington-sanctioned assassination of Major-General Qasem Soleimani of the Revolutionary Guard Corps.
Recent events are somewhat reminiscent of Operation Eagle Claw, an American attempt to secure the release of fifty-two US embassy staff in Tehran in 1980 during the Iranian Revolution. Inspired by the success of the United Kingdom’s elite Special Air Service regiment in storming the Embassy of Iran in London some months earlier, the United States decided to secure the release of its embassy staff — who had been held for more than a year — through military means. The operation would constitute the first combat deployment of Delta Force, the US Army’s most elite unit (and which was directly modeled on Britain’s SAS).
However, unlike the SAS assault on the Iranian embassy in London, Eagle Claw was a catastrophic failure. The American rescue force never even arrived in Tehran, and instead had to beat a hasty retreat out of Iran, leaving US Navy helicopters, classified documents, and one dead Iranian civilian behind. The operation cost the lives of eight US servicemen, and bolstered the Iranian Revolutionary faction while badly damaging US prestige on the world stage; it is also widely considered to be one of the reasons behind President Carter’s failure to secure re-election.
Of course, the parallels between the termination of Qasem Soleimani and Eagle Claw are not exact: Soleimani was successfully eliminated, while Eagle Claw was an embarrassing failure. Soleimani’s death has led to Iranian promises of retaliation; Eagle Claw is still celebrated in Iran as a victory over the United States. Yet the most glaring difference of all is the Iranian capability of retaliation. In 1980, the Revolutionary government had not yet consolidated its position, and the eight-year war with Iraq that followed shortly afterwards took all of its focus.
The world of 2020 is a very different place — and Iran’s capabilities have changed with it. Although the risk of a massive conventional military response from Iran is considered to be minimal (its sole retaliatory rocket attack against US targets in Iraq resulted in no deaths), worries remain over an attempt to cause harm through cyberspace. As Kara Frederick, a fellow at the Center for New American Security, said, “Cyber allows them to compete at a level of parity that they don’t have in the physical world.’
There is precedence for hostile Iranian attacks, and fears over repeat incidents are not groundless. Between 2011 and 2013, Iranian-backed hackers attacked large American banks, including JPMorgan Chase, the Bank of America, and Capital One, flooding the networks with traffic, taking them offline, and subsequently costing millions of dollars in lost business. In 2018, as massive ransomware attack crippled Atlanta, with workers in the city being forced to return to pen and paper until the crisis was resolved.
Indeed, the US government has advised both its own bodies and private companies to remain vigilant in the coming months, adding that an attack may not be in the coming days and weeks. “Right now what we’re seeing instead is a huge increase in reconnaissance activity,” Jordan Mauriello, senior vice president of managed security at cyber security firm CriticalStart, said. “Specifically they’re looking for potentially vulnerable servers, data gathering. They’re kind of preparing the battle plan in cyberspace.”
Even if 1980’s Operation Eagle Claw had been the striking success it was planned to be, it is unlikely that Iran would have been able to respond, what with the impending war with its Iraqi neighbors and its lack of offensive capability. The fact that Eagle Claw is celebrated every year in Iran is proof, if it were needed, that Tehran does not forget. The public outpour of grief at Soleimani’s death also suggests that Tehran does not forgive, either. And much has changed in forty years — Iran is able to respond. The US government’s warnings should be taken seriously indeed.
The content of this article does not reflect the official opinion of Cyber Secure Central. Responsibility for the information and views expressed in the article lies entirely with the author(s).