Stories

Iran could use cyberattacks to hit back against the U.S.

Iranian president Rouhani and Foreign Minister Zarif. Photo: Michael Gruber/Getty Images

Let’s say you are Iran. The U.S. has torn up a deal you were abiding by, and reimposed crippling sanctions that are exacerbating a currency crash and broader economic crisis. You’re in no mood to roll over for Uncle Sam — Washington’s demands are beyond the pale — but what are you gonna do about it?  

Between the lines: You could threaten oil shipments through the Strait of Hormuz, or encourage your proxies in Yemen, Syria, and elsewhere in the Middle East to step up their attacks against U.S. allies and interests. But why go to all that trouble and expense when you could inflict pain on the Great Satan and its friends with a tap or two on a keyboard and the click of a mouse? 

Iran has done cyber-damage before. Back in 2012 Tehran launched a series of cyberattacks against the U.S. and Saudi Arabia as tensions were on the rise. This time around, Tehran will almost certainly be tempted to do the same.

Here’s one reason why it might not want to do anything too provocative – along with two reasons why you should be worried anyway. 

First, the “good” news:

  • Unlike the Obama Administration, Donald Trump and his hawkish national security adviser John Bolton are almost certainly ready (if not actively itching) to respond ferociously to any Iranian cyberattacks, particularly if they cause any serious damage to people or property in the U.S.
  • Iran knows this and may reason that it’s better to go after something in the neighborhood and relatively low-risk, like Saudi companies’ business networks, rather than to invite U.S. wrath by going after something more sensitive in Uncle Sam’s own house, right? 

But here’s where things get dicey:

  • Cyber weapons aren’t like missiles that you can just stockpile and pull out whenever you want. Hackers’ access to networks comes and goes as their targets discover and defend against new threats. So if Tehran thinks it has a shot on goal, it might feel pressure to take it. Iran will step carefully, but it may be more likely to consider a riskier attack on a higher value American target – if the opportunity presents itself. 
  • There’s another problem: Cyber weapons can be hard to control once you make the decision to use them. As an example, when suspected Russian hackers hit Ukraine with a big ransomware attack last year, the malware — which had been augmented with weapons-grade code stolen from the U.S. National Security Agency — spread well beyond its initial target.
  • It caused billions of dollars of damage and wiped out IT systems in dozens of countries, including Russia. No one was killed. The attack didn’t destroy the computers that regulate control systems in a power plant or take down the intensive care unit of a major hospital. But next time might not be so lucky. 

Why it matters: Put together, Iran’s incentive to retaliate while it can, and the potential for unintended, even deadly, consequences adds a dangerous new dimension to an already-tense standoff. 

Sign up for Signal, a twice-weekly newsletter from GZERO Media, a Eurasia Group company, and follow @KevinAllison on Twitter.