Security experts nationwide warn that the United States should expect serious cyberattacks from Iran in the next few months. The anticipated attacks, retaliation for United States' killing of Major General Qasem Soleimani, are likely to include as targets oil refineries and other energy infrastructure. The specific targets, and whether the attacks will be state-sponsored and strategic or carried out by individuals or smaller groups, remain unknown.
One reason underlying the likelihood that Iran will ramp up its cyberattacks is that, unlike military or terrorist attacks, cyberattacks can be carried out in measured increments, effectively hindering normal operations, yet keeping the disruption to a level that will not provoke retaliation by the U.S. Indeed, according to a New York Times report, President Trump indicated that if Iran's response to the drone strike causing Soleimani's death had been severe enough, the U.S. would have launched a cyberattack to disable Iran's gas and oil sector. Instead, President Trump imposed additional economic sanctions.
While its cyber capabilities are not on par with those of China or Russia, Iran has a long history of promoting cyber attacks on targets here and abroad. In 2012, for example, Iran initiated a denial-of-service attack on dozens of U.S. financial institutions, flooding their websites with network traffic and forcing them off-line. In 2014, Iran successfully destroyed sensitive data when it hacked into the system at the Sands Casino, after the casino's owner made anti-Iranian comments. In perhaps its highest profile cyberattack carried out against Saudi Arabia's state-owned oil company, Saudi Aramco, Iran destroyed more than 30,000 computers with a virus, forcing the company off-line for months at a cost of hundreds of millions of dollars.
As we noted earlier this month, a bulletin released by the Department of Homeland...