From The Cipher Brief's Open Source Collection newsletter, U.S. officials and Cipher Brief experts are warning U.S. businesses to remain vigilant as tensions between Iran and the U.S. continue.
Christopher Krebs, director of DHS’ Cybersecurity and Infrastructure Security Agency issued a warning over the weekend that “malicious cyberactivity” was on the rise just a day after news came out that the U.S. is carrying out cyberattacks against Iran in response to recent provocations.
This comes as the United Nations Security Council holds closed door meetings on Monday to discuss the downing of a U.S. drone last week.
The Cipher Brief spoke with former National Intelligence Manager for Iran at ODNI, Norm Roule, who is also a Cipher Brief expert, about understanding the impact of the latest moves by Washington.
The Cipher Brief: What signal has the President sent Iran, the region, and the international community by calling off the strike following the UAV downing?
Roule: The President’s decision will be interpreted differently by various actors. Despite its bluster, Iran knows that our military capabilities in the region vastly exceed anything it can bring to the table. Thus, it looks at us in terms of intent more than capability. On this point, Iran understands we aren’t seeking a conventional war, so it probably believes that it can continue the sort of attacks we have seen in recent weeks without provoking a regime-threatening attack by the U.S. I suspect that within Iran, there may be some debate as to how far the U.S. can be provoked and when European sympathy for Iran will start to dwindle.
Europe and Asian partners will appreciate the President’s restraint, but they likely suspect it has limits. The good news is that the restraint-combined with Secretary of State Mike Pompeo’s aggressive diplomatic campaign-has launched the first significant engagement by European and Asian senior actors with Iran on its regional adventurism. Europeans are likely to press Iran to halt its aggression. It remains unclear whether this will produce results, but any opportunity for dialogue is welcome.
The reaction in the region is a mixed bag. Certainly, regional countries support the Trump administration’s pressure campaign on Iran, but none of them want a conventional war. This said, those regional countries which find themselves at the receiving end of Iran’s violence are likely disappointed that Iran has once again attacked the U.S. without consequences.
Meanwhile, Iran’s surrogates in Yemen have undertaken an aggressive missile campaign against Saudi civilian targets and the number of killed and wounded is growing. The international community’s near silence on this issue has likely underscored to Iran that it can execute whatever attacks it wishes as long as it uses proxies. I can’t think of another time in post-WWII history where a country has been able to do this. At some point, the victims of Iran’s aggression will decide that the only way to protect their nationals and reestablish deterrence will be to strike Iran directly.
The Cipher Brief: How concerned should we be about a potential cyberattack from Iran or its proxies?
Roule: My regional contacts advise me that they have seen a spike in Iranian cyberattacks over recent months. I expect this to continue until Iran’s Supreme Leader believes that the regime will be punished for such operations. Given the likelihood of Iranian cyber probes and perhaps even offensive operations against U.S. interests, now would be a good time for companies to review cyber defenses and training as well as cyber breach response plans.
Join The Cipher Brief March 22-24, 2020 for in-person briefings with a number of Cipher Brief experts on global and national security issues. Request your seat at the table today for The Cipher Brief’s Annual Threat Conference in Sea Island, GA.
Read more from Norm Roule in The Cipher Brief
Read also Deadlier Skies: Risks and Benefits of Drone Technology and Who Should Give the Kill Command? only in The Cipher Brief
