By Pooya Stone
A secret cyber attack targeting a critical database used by the Iranian government to plan attacks against oil tankers limited Tehran’s ability to target shipping traffic in the Persian Gulf over the summer, according to senior US officials who spoke to the New York Times.
Iran is still trying to recover the information destroyed in the June 20 attack and restart the computer systems, including military communications networks, which were taken offline. However, this does mean that the US also lost access to a critical network used by the Iranian Revolutionary Guards Corps (IRGC), a US-designated terror group.
Gary Brown, a professor at the National Defense University and former legal counsel for Cyber Command, told the New York Times: “It can take a long time to obtain access, and that access is burned when you go into the system and delete something. But on the same token, you cannot just use that as an excuse not to act. You can’t just stockpile access and never use it.”
The US and Iran have been involved in an undeclared cyber conflict for a long time, which remains in a grey area between war and peace, with the June 20 strike going forward after Donald Trump called off an airstrike, the day after Iran shot down an American drone.
Iran has not escalated its attacks in response, instead remaining at the same pace.
Norman Roule, a former senior intelligence official, explained that American cyber operations are designed to change Iran’s behaviour without deepening the conflict.
He said: “You need to ensure your adversary understands one message: The United States has enormous capabilities which they can never hope to match, and it would be best for all concerned if they simply stopped their offending actions.”
Unlike conventional warfare, a cyber attack does not necessarily deter future aggression because they are hard to attribute and rarely acknowledged publicly, but they do demonstrate that the US will respond to attacks.
Army General Paul M. Nakasone, the head of US Cyber Command, said he employed a “persistent engagement” strategy against adversaries, which are designed to stay well below the threshold of war.
Through this cyber warfare, the US gathered intelligence that showed the IRGC as responsible for the limpet mine attacks that disabled oil tankers in the Gulf in May and June.
The senior official said that no tankers have been the subject of a significant covert attack since the June 20 cyber operation, although Iran did seize a British vessel, and while it was only ever going to be temporary, the impact has lasted longer than expected.