The country is most understandably worried about impending war with Iran. Military families worry about new deployments. The Selective Service website crashed from an overload of people checking to see if there was going to be a draft. The Army issued an alert that if you get a text message saying you were drafted, ignore it, it’s fake (and I can’t stress how disappointing it is that people are so frightened about war that they believe these text messages).
I’m as concerned about the chance of escalated conflict with the Middle East as anyone else, but I believe the bigger threat is already happening. We’re in a war with Iran right now, one that could impact all of us, not just our soldiers. We’re in a cyberwar.
As the NATO Alliance put efforts in place to prevent Iran from building a nuclear arsenal, the country’s leaders were putting together a cyber arsenal. Our military knew that, of course, and more than a decade ago, Stuxnet was launched to show Iran that we meant business in cyberwar. But Iran put together their own cyberwar games, as Lawfare explained: “Iranian hacking groups have graduated from conventional distributed denial of service (DDoS) and domain name system (DNS) attacks to more sophisticated operations against critical infrastructure and industrial control systems.”
We are going to see some sort of cyber retaliation, of that I have no doubt. There have been some signs of that already. An Iranian data wiper malware has been discovered, ZDNet reported: “Iranian state-sponsored hackers have deployed a new strain of data-wiping malware on the network of Bapco, Bahrain’s national oil company. . . . The incident took place on December 29. The attack did not have the long-lasting effect hackers might have wanted, as only a portion of Bapco’s computer fleet was impacted, with the company continuing to operate after the malware’s detonation.”
“Cyber attacks are commonly used in warfare today as they are cheaper and easier than any other kind of army to raise,” Chris Kennedy, CISO and VP of customer success, AttackIQ, told me in an email comment. “Iran has a well-funded and state-supported offensive cyber capability, and this malware incident will likely be followed by other attacks.”
Those attacks will likely be against critical infrastructure, like electric grids or other energy resources, as well as defense and government entities. And as Warren Poschman, senior solutions architect at comforte AG, pointed out to me in an email comment, we cannot forget about the real potential for state-sponsored cyberattacks on both international and domestic US interests. In 2018 the DOJ indicted several Iranian nationals in a scheme that penetrated universities, businesses and governmental organizations and stole more than 31 TB of data primarily by using credential hacks.
“While much of the fear has been focused on utilities, communications, and other infrastructure, the track record indicates the focus will likely be on softer targets that are rich with identity data, financial data, and intellectual property data,” he added.
I hope, for the well-being of the world, that the U.S. and Iran have truly de-escalated war talk and behavior. But just because missiles aren’t flying at the moment doesn’t mean that there isn’t a battle being fought right now, one that could do untold damage to our way of life. Organizations and individuals have to stay vigilant for cyberattacks.