Cyber Attacks: Iran Will Retaliate

Monday, October 03, 2011

Joel Harding


The Iranian AhlulBayt News Agency published a piece recently entitled “Iran will reciprocate cyber attack by US: Army commander says” Please, take a minute and read it.

The only really good thing about this article is that they do not use the term cyberwar. Wait a second, they do say “Cyber Warfare“, but I’ll give them a pass. It’s such an obvious propaganda piece but I couldn’t let it go completely.

Brigadier-General Ali Shadmani, the “head of the Operations Department of the Iranian Armed Forces”, says they will “reciprocate” against the “United States or its allies”.

Pardon me, Mr. General, sir, but are you predicting the United States is going to attack you?  Why would you possibly name the “United States or its allies” before anything happens? 

To me that sort of stinks that you’re going to blame ANY cyber attack on the United States…  

And please, General, kindly tell me what you mean by reciprocate?  If there are 49 different attack ‘types’, according to the Cyber Commander’s eHandbook, do you intend to use the same attack type?  That would be reciprocal in my book... Or was this a euphemism for saying ‘We will retaliate in cyberspace’?  Please clarify?

Iran has a record of Shamshir rattling or as I used to say as a teenager, of woofing crap.  I believe the current vernacular is ‘trash talk’.  Yes, Iran has formed a cyber command.  Yes, there is a hacker group called the Iranian Cyber Army, and they were defacing pages in China for a little while and even took down Baidu

They’ve attacked ‘enemy websites” and they’re doing all they can to deny dissidents a voice. They’ve been trying to block outside word from getting into Iran. But what they are best at is defacing webpages…  I was asked about this recently by an internet security expert, what I thought about website defacement.  My answer is fairly obvious, it’s just a web defacement. 

It means I call up the the host, tell them my website was defaced, ask them to reload the webpage from backup files and then they need to install the latest patches. It is only a pain in the you-know-what, nothing more.  Even when they ‘took down Twitter’ it was only a web defacement, the engine was still working in the background.

But Iran has some severe problems they must deal with before they begin “reciprocating”.   The US has a ton of sanctions against Iran, so they are not getting the latest and greatest when it comes to equipment.  Iran doesn’t have many allies, even the EU has recently increased their sanctions against Iran, as has the United Nations.

All their replacement parts must be smuggled in, this does not give them adequate parts on hand to become engaged in a a protracted war. We should all know that an attack in cyberspace without an accompanying conventional attack accomplishes almost nothing.

They also have a ton of internal problems with hackers. Imagine Iran attempting to take on the world while being simultaneously attacked from the inside?

Also, Iran already has problems with non-State actors already targeting their networks.

Admittedly, they do have at least one really good hacker, ComodoHacker. He compromised Diginotar, a certificate authority, which allowed anyone with access to those certificates the ability to read and even change the email that was supposedly secure, using a man-in-the-middle attack.

Beyond this one very gifted hacker, I don’t see a lot of expertise in Iran “reciprocating” to cyber attacks.  Should we worry?  I don’t think so.  One very good hacker can only teach so much and I don’t believe there is a cyber weapon suite available that is truly effective.  At least not in Iran. 

So please, Brigadier-General Ali Shadmani, put a sock in it.

Related articles

Cross-posted from To Inform is to Influence
Possibly Related Articles:
Iran Military Cyberwar Attacks National Security hackers Retaliation
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.