Complex Made Simple

The no casualty cyber warfare between the US and Iran is on

A war with Iran was averted but cyber counterattacks have begun

Iranian mIssile control systems were targetted by US Cyber command FireEye has identified spearphishing activit by Iranian threat actor APT33 concurrent with increasing tension in the Gulf region APT33 has historically carried out destructive cyber attacks in addition to intelligence collection

A recent cyber attack was conducted on Iran was conducted by US Cyber Command, targeting computer systems used to control rocket and missile launches, according to the Washington Post

No casualties were recorded.

These are planned attacks as they don’t happen overnight, which begs the question: was the shooting down of the US surveillance drone over the Strait of Hormuz the drop the spilt the water or did escalating tensions in the region accelerate its launch? 

It was likely a better option than the bombing strikes that were narrowly averted when Trump had a change of heart and decided to spare the lives of some 150 would be dead.

Is Iran retaliating?

John Hultquist, director of intelligence analysis at FireEye told AMEinfo that “FireEye has identified spearphishing activity conducted by Iranian threat actor APT33 concurrent with increasing tension in the Gulf region and with the U.S.”

He said the spearphishing campaign has targeted both public and private sectors in the U.S,  is consistent with intelligence collection, and that the Iranian regime is also likely to be using cyber espionage to reduce the uncertainty surrounding the conflict. 

“Notably, APT33 has historically carried out destructive cyber attacks in addition to intelligence collection,” Hultquist said.

Read more: Cyber security risk is at critical levels, with people the biggest risk

Hultquist indicated that in recent years similar attacks by Iranian actors have primarily taken place in the Middle East, targeting private sector organizations such as oil and gas firms. 

“Launching destructive and disruptive cyber attacks is a capability that Iran may use to cause economic damage without significantly escalating the conflict, similar to its previous sabotage of maritime organizations. Furthermore, if the U.S. is carrying out cyber attacks as reported, Iran may use their own capability as a means of proportionate response.”