U.S. Goes on Cyber Offensive with Iran Hack in Covert Operation

Credit: U.S. Cyber Command

In late July, the U.S. National Security Agency (NSA) announced plans to create a special sub-agency to adopt a more aggressive stance in cybersecurity warfare.

No longer would the nation’s chief intelligence command concentrate solely on defending the country against cyber attacks by foreign adversaries, it also wouldn’t refrain from delivering pre-emptive strikes under certain circumstances. Left unsaid was word from U.S. Cyber Command and NSA chief Paul Nakasone that the nation’s more aggressive cyber posture was reportedly already on display a month earlier, when a hacking operation against Iran hobbled a database used to target oil tankers in the Persian Gulf.

So destructive was the cyber hit that Iran has yet to recover information destroyed in the cyber strike and restart some of its military communications networks that were taken offline by the offensive, the New York Times reported, citing senior U.S. officials.

By not denying the cyber strike publicly, the Trump administration wanted to emphasize that seizing the initiative to cripple a network important to Iran’s paramilitary forces was worth the risk, the officials told the NYT. However, a mid-level official told the newspaper that as a result of the cyber attack, Iran likely gathered information about the Cyber Command’s hacking capabilities.

So far, Iran hasn’t ramped up its regular barrage of cyber attacks against the U.S. public and private sector, according to the report. While a U.S. cyber offensive is unlikely to change Iran’s posture, they are designed to demonstrate America’s cyber strength, Nathan Roule, a senior U.S. official told the NYT. “You need to ensure your adversary understands one message: The United States has enormous capabilities which they can never hope to match, and it would be best for all concerned if they simply stopped their offending actions,” Roule said.

The positional change by Cyber Command perhaps signals a ramp up in similar covert operations against other U.S. cyber adversaries, including China, North Korea and Russia. In May, 2018, Nakasone was named as both CyberCom commander and NSA director. It meant he controlled both the world’s foremost spy agency and the most powerful military hacking operation. And, it signaled Nakasone’s position that CyberCom needs the NSA’s intelligence to operate effectively and his intention to vigorously defend against cyber attacks with a greater reliance on military cyber capabilities.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.