A secret US cyber-attack was reportedly carried out against Iran after an oil facility in Saudi Arabia was attacked in September
Two US officials have reportedly confirmed that the United States carried out a secret cyberattack on Iran, following an attack on Saudi Arabia’s oil facilities on 14 September.
Both Washington and Riyadh blame on Tehran for the attack, and two US officials who spoke on condition of anonymity, told Reuters that the operation took place in late September and took aim at Tehran’s ability to spread “propaganda.”
And one of the officials reportedly said the strike affected physical hardware, but did not provide further details.
The cyberattack, if true, demonstrates how the United States is seeking to counter what it sees as Iranian aggression in the region, without involving conventional military forces.
In June an American drone was reportedly shot down, and an alleged attack was carried out by Iran’s Revolutionary Guards on oil tankers in the Gulf in May.
President Donald Trump said in June that he had only decided to turn back an airstrike against Iran for shooting down the drone, whilst the planes were in the air.
Iran has been publicly blamed by the US, Saudi Arabia, the UK, France and Germany for the missile attack on the Saudi oil facility.
Iran has denied involvement in the strike, while the Iran-aligned Houthi militant group in Yemen claimed responsibility.
Iran has also claimed last week that an Iranian tanker was hit by rockets in the Red Sea and warned on Monday that there would be consequences.
According to Reuters, the Pentagon declined to comment about the cyber strike.
“As a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence, or planning,” said Pentagon spokeswoman Elissa Smith.
It was unclear whether there have been other US cyber attacks since the one in late September.
One security expert said the report indicated the growing use of cyber-attacks by nation states.
“As nation states in conflict increasingly turn to cyber strikes on physical hardware, it is more important than ever that the infrastructure underpinning our economy can defend itself against cyber-attacks,” said Dave Palmer, director of technology at Darktrace.
“Relying on human security teams will not be enough to resist attackers that are backed by nation states and therefore highly sophisticated,” warned Palmer. “The only way to combat these attacks will be with AI that can automatically respond to attacks before any damage is done.”
“We have entered a new age of cyber warfare, where sophisticated groups are using advanced software that is capable of going under the radar of traditional security controls, plants itself in the heart of critical systems and uses that knowledge to its advantage,” Palmer said.
“This will take the form of espionage to gain competitive advantage, outright theft of intellectual property and other digital assets, or a foothold in the target’s systems that might be exploited in the future,” he said.
“We see this particularly against providers of critical infrastructure: oil and gas companies, transportation networks, power grids, etc,” said Palmer. “In the last two years, we’ve come to expect a more sinister goal of destabilising democratic institutions, and undermine their credibility and legitimacy.”
Iran has been blamed in the past for conducting cyberattacks.
In April for example a major cyberattack in December 2018 on the UK’s local government networks and the Post Office was reportedly carried out by a nation-state attacker.
The attacker was identified by US security experts as Iran, or more accurately a group connected to the Iranian Revolutionary Guards.
Last November the US Justice Department indicated two Iranian men, it alleged were behind the destructive SamSam ransomware outbreak that affected hundreds of organisations around the world, including the City of Atlanta, a Los Angeles hospital and the Port of San Diego, and caused more than $30 million (£24m) in damage.
Iran meanwhile claimed in 2018 that an attempted cyberattack had threatened to disrupt its telecommunications network, after saying it had discovered a new version of the Stuxnet malware targeting its nuclear infrastructure.
Do you know all about security? Try our quiz!