Iran & Beyond: The Future of Cyber Deterrence
In 2018, the Trump Administration withdrew from the 2015 Joint Comprehensive Plan of Action (JCPOA), asserting that Iran needed to agree to a revised version that encompassed not only nuclear issues but also curtailed its ballistic missile program and support for regional armed factions. U.S.-Iran tensions came close to boiling over after U.S. military forces killed Qasem Soleimani, the commander of Iran’s Islamic Revolutionary Guard Corps-Quds Force (IRGC-QF) and one of Iran’s most important military commanders, in a U.S. airstrike in Baghdad on January 2, 2020.
On January 8, Iran launched a retaliatory missile attack on the Ain Al-Asad airbase in Anbar province and another facility in Erbil, Iraq. The retaliation resulted in zero casualties but clearly illustrated Iran’s precision strike capabilities. Although the airbase attack was an effort to demonstrate Iran’s willingness to deter future aggression, national security advisors believe that Iran may be planning another counter-response in the cyber warfare realm.
Iran has expanded its cyber capabilities since the United States and Israel carried out the famous Stuxnet cyberattack on its nuclear facilities in 2010. Iran has justified its cyber expansion with the need to deter future attacks and to support its asymmetric military capabilities against conventional opponents like the United States. Although it is not a major cyber power, Iran relies on covert cyberwarfare to advance its strategic capabilities.
While Iranian cyber activity has been relatively limited to action within the Middle East, policymakers within the intelligence community believe the killing of Soleimani could provide an incentive to carry out operations outside the region, with targeted attacks on U.S. industrial control systems.
An attack of any magnitude could expose the weaknesses in an industrial control system like the United States electric grid. The U.S. electric power grid contains all the power plants generating electricity, together with the transmission and distribution lines and systems that bring power to end-use customers. A report authored by the Government Accountability Office stated that changing the control system from an “air-gapped” device to network protocols regulated by the internet increases its vulnerability to malware attacks by hackers and hacktivists.
Although the infrastructure is vast in size, some industrial control systems within the United States have the cyber defense protections of a relatively small country. An attack on the electric grid would ensure chaos across the United States by putting a large number of hospitals and roadways at risk.
Iran has proven its capability to penetrate industrial control systems in Bahrain by attacking its electricity and water systems. Jon Bateman, former senior intelligence analyst for Iran at the Defense Intelligence Agency, noted that while the country has never publicly caused physical damage with a cyberattack, leaders warned that it could have learned from other examples, such as Russia’s attack on the power grid in Ukraine.
While no major cyberattacks have been reported, concerns have increased over the destruction these intrusions could cause in the future. Iran is engaged in a strategic game of “chicken,” and how the United States reacts will shape the scope of cyber warfare. However, Iran’s calculus on whether to employ cyber weapons involves more than the possible conflict with the United States. A cyberattack from Iran remains unlikely because Iran best serves its interest by keeping U.S. allies in Europe in the Iran nuclear deal, and a deadly major cyberattack on the United States would upset the European nations that Iran has relied on for national survival. As a result, the costs of a successful cyberattack for Iran continue to outweigh the benefits.