By Owen Davidson
Iran has made attempts to recover information that the U.S. successfully damaged in a June 20 cyber-strike, The New York Times reported. The strike had occurred not too long after the Iranian Revolutionary Guard attacked oil-tankers in the Gulf of Oman. Repercussions of the attack are still being monitored today.
According to The New York Times, officials said the cyber-strike “‘was a critical attack in that ongoing battle,’” with military communication networks taken offline. The database was used to target oil tankers and track shipments in the Persian Gulf.
According to an NBC interview with founder of Trustsec Dave Kennedy, the attacks that targeted research facilities caused “‘misreadings,’” which in turn “‘literally sent their program back years of research.’” In other words, the cyber-attacks aimed to erase data.
More pressingly, the U.S. cyber-attacks could be a response to Iran’s blame in shooting down an unmanned American drone in June, according to NBC. The U.S. and Iran contested whether it was shot down in Iranian airspace or whether it was flying internationally.
When interviewed by NBC, John Bateman, the former director of Cyber Strategy Implementation in the office of the Secretary of Defense, said the U.S. had the “‘legal authority … to strike back at Iranian systems that aim to target U.S. forces.’”
Initially, President Donald Trump issued a drone strike targeting Iran before calling it off. In a June tweet, he decided 10 minutes before launching the attack to call it off after a general told him it would kill roughly 150 Iranian people.
Another angle is whether the cost of the cyber-attack outweighs the reward. According to The New York Times, Iran, as well as other military powers such as China, Russia and North Korea, can determine how the cyber-attack took place. In turn, world leaders could gain the knowledge to protect against further attacks that use the same strategy.
Also integral is how often a cyber-weapon is used. According to The New York Times, “(cyber-weapons) can be used a few times, or sometimes even once.” After spotting the vulnerability, the target can “engineer a patch” to block further access to its network.
Furthermore, Gary Brown, a professor at the National Defense University and former legal counsel for Cyber Command, told The New York Times that access which allows the U.S. to initiate the attack gets “‘burned’” in the aftermath.
It is still uncertain whether or not the U.S. initiated the “cyber war.” According to a U.S. official interviewed by The New York Times, the U.S. conducts attacks in “‘persistent engagement,’” and at all levels calibrated “way below the threshold of war.”