Cyber analysts have attributed a number of high-profile attacks in the United States to Iran. Frederick Kagan, director of AEI's Critical Threats project, explains how Iran has clearly attacked and done significant damage to Western infrastructure, and that now, the threat is growing.

For more on the Iranian cyberthreat:
Report on AEI.org:[ Ссылка ]
One-Pager: [ Ссылка ]
Infographic: [ Ссылка ]

Watch other videos about conflict in the Middle East
[ Ссылка ]

Subscribe to AEI's YouTube Channel
[ Ссылка ]

Like us on Facebook
[ Ссылка ]

Follow us on Twitter
[ Ссылка ]

Attend the live event:
[ Ссылка ]

Transcript:
One of the consequences of the announcement of the framework nuclear agreement has been that it's really sucked all the oxygen out of the room for talking about anything else that the Iranians are doing in the region. It leaves unaddressed a number of really current problems, including Iran's continuous human rights violations and support for terrorism and proxy military organizations in the region and around the world—and particularly with regard to cyber—that hadn't been really a front burner issue for people to begin with. Now it's really likely to fall by the wayside as we continue to focus on the nuclear issue.
The problem is that as important as the nuclear question is, the cyber capability that the Iranians have is here now.

The real deep Iranian regime interest in cyber activities began, I think, defensively. A lot of people think it started with the Stuxnet attack, but actually it began with the 2009 presidential election and the protests that followed.

During those protests the regime realized the degree to which information technology could be used to mobilize crowds, protestors, and potentially revolution. It became fixated on the problem of censoring what its population could see and what they could say and also monitoring them. They wanted to have early warning. They wanted to know who was talking about revolution and so forth. It's only in the last few years that we've seen the regime really start to work on offensive cyber capabilities, which I think reflects the degree to which they think that they have their defensive issues more under control.

One of the things we found in the report that's disturbing is that Iranian hackers appear to be using tool kits that other researchers have shown might give them the ability to penetrate not only power plant system, control systems, electrical grid control systems but also hospital control systems and record systems, university record systems and so forth, really, the full gamut of a highly sensitive infrastructure.
We haven't seen the Iranians conduct attacks designed to take down an electrical grid or penetrate a power plant that we have so far detected, but they are using exploits that could lead to that and that have been shown to be the precursors to that kind of activity.

President Obama has clearly begun to recognize the cyber threat. He's had a summit on it and he's also recently released an executive order authorizing sanctions and various activities against entities that are engaged in maligned cyber activity. It's going to be an interesting thing to watch how his efforts to address the growing cyber threat globally interact with his promises to the Iranian regime to lift sanctions.
You can be certain that if we sanction Iranian entities for bad cyber activity—and there are many that should be sanctioned for bad cyber activity—the Iranian's will say that it's a breach of the agreement and a breach of faith and so forth. It isn't actually. The agreement doesn't specify anything about those kinds of sanctions, but this is going to make it very complicated and it's something that the White House really needs to think through, Congress really needs to think through, and the policy community needs to think through as we go forward trying to defend ourselves in the cyber realm.

Iran's growing cyber security threats

свернуть