Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Photo illustration: Filograph
Various media outlets have reported that the U.S. waged some form of cyber operation against the Iranian military last week in response to attacks on oil tankers in the Gulf of Oman and an unmanned U.S. drone.
The big question: Given its history of responding to various threats with cyberattacks of their own, how will Tehran respond? It's a complicated question to answer, especially given how close President Trump was to launching physical attacks as part of his own response to escalating tensions with Iran.
Background: In 2012, just after the U.S. implemented sanctions against Iran — and with the memory still fresh of the Stuxnet malware likely designed by the U.S. and Israel to disable Iran's nuclear program — Iran is believed to have launched several cyberattacks against the U.S. financial sector.
- Since then, Iran has also been suspected of destructive cyberattacks against the state-owned oil giant Saudi Aramco and the Sands Las Vegas Corporation.
- "You'd be right to think about those attacks," said Ben Buchanan, an assistant teaching professor at Georgetown who studies escalation in cyber warfare.
- "It is fair to say Iran has a history of lashing out with its destructive cyber capabilities in response to perceived provocations," he said. "How they play it this time though is unclear, given that the risk of kinetic strikes seems very real."
The intrigue: Iran has recently been increasing its cyber espionage efforts against the United States. But the operations appear (at this point) to be more about gathering intelligence to guide Tehran than causing damage. That could change at any time.
- "Bottom line: A cyberattack is among the worst tools we could have chosen to respond to the Iranian attack on our drone because it will engender retaliation, cyber retaliation," said former deputy director of the CIA Michael Morell, who currently hosts the Intelligence Matters podcast.
- A better response, said Morell, would have been a physical strike on a military asset with "near-zero probability" of casualties.
But, but, but: While the specter of U.S. cyberattacks against Iran might bring to mind Stuxnet, we don't know what form these attacks took. It could have been something minor — more of a brushback pitch designed to deter, rather than destroy.
- "The reporting is not clear on what form the 'attacks' took," said Michael Daniel, former cybersecurity coordinator for the Obama White House and current CEO and president of the Cyber Threat Alliance, via email.
- "If they were fairly simple, like a DDoS or locking the Iranians out of social media accounts used to troll for information, then I would say the escalation risk from those actions would be low."