Federal Authorities Warn Of Iran's Cyber Threat Capabilities
RACHEL MARTIN, HOST:
So what now? The Trump administration killed a top Iranian leader in a drone strike. Then, Iran launched missiles at U.S. troops in Iraq. Now President Trump signals that it's time to take a step back from the brink. But this conflict isn't over by a long shot. President Trump announced new sanctions against Iran, and there are concerns about what Iranian-backed militias might do of their own accord to retaliate.
There's also been mounting concerns among military and homeland security officials over the threat Iran could pose in cyberspace. That is something former Defense Department official Peter Singer tracks. He's a senior fellow at the think tank New America here in Washington. He's joining us on Skype this morning. Peter, thanks for being here.
PETER SINGER: Appreciate you having me.
MARTIN: First off, just explain how sophisticated Iran's cyber capabilities are.
SINGER: They're not the equivalent of the U.S. or China or Russia, but they're a pretty good player. There's an irony in that part of the reason for this is that about a decade back, the United States hit Iran with a cyberattack called Stuxnet that sabotaged their nuclear research.
And after that, it became a pretty good time to work in the cybersecurity field in Iran. They built up a variety of new organizations, including cyber units in Quds Force, which Soleimani, who was just killed, led - as well as opened up research programs in various universities. But I think what distinguishes them is not just their capability but that they've shown a willingness, unlike most states, to hit back in this space, which is what has so many people in cybersecurity on edge right now.
MARTIN: So just give us some examples of exactly how Iran has deployed its digital weapons over the years.
SINGER: They're one of the few states out there that's shown a willingness to hit back in not just an open but, in some cases, pretty damaging way. After Stuxnet, they felt the need to show off that they had this capability. And so they did everything from retaliations against U.S. banks, where there were denial of services, which made it difficult for customers to access them - to they hit Saudi Aramco and turned around 30,000 computers there into the equivalent of bricks - just wiped them - to they've probed into critical infrastructure - for example, a small dam in upstate New York - to they even retaliated against Sands Casino, which is owned by Sheldon Adelson, who was a prominent voice opposing Iran in the nuclear deal. And they caused millions of dollars of damages in that breach there.
MARTIN: Very prominent Republican fundraiser, as well.
So it seems like we are stepping away from the brink. There is this de-escalation between the U.S. and Iran - at least in the immediate term when it comes to military action. Is there reason to believe, though, that Iran could still hit back with some kind of cyberattack?
SINGER: I think there's reason to believe that. No one can really answer it other than Iran's leaders. But I don't think anyone is assuming that this threat goes away. In fact, the FBI and homeland security just yesterday released a warning of Iranian terror and cyberthreats in a new intelligence bulletin.
And for me, I think if the last decades are any kind of guide, what we're going back to is not a de-escalation in terms of, you know, outright peace but a back-and-forth at a level just beneath war, where you'll have a mix of overt and covert actions - sometimes people taking claim for it, other times not claiming it or running it through some kind of proxy. And that's very much an environment that's tailor-made for cyberthreats. I think, you know, we're not - we're off the brink of the worst kind of threats, where everyone's using their full capabilities.
SINGER: But all the stuff that happened in the past before we jettisoned the nuclear deal, we're back into that period again.
MARTIN: What are the most vulnerable targets? I mean, we hear a lot about infrastructure, utilities. Just list off a few.
SINGER: So you face a thinking adversary. And thinking adversaries don't always go after the most obvious or certainly the most well-defended targets. So if we're thinking about what an Iran or anyone else might go after, you, of course, have military and government networks, but you have what - you know, critical infrastructure.
But in critical infrastructure, there's ones that are pretty well defended, like banks. And then there's the obvious scenarios of the power grid. But there's a lot of weak links in other areas, like water treatment plants, etc. And that's - it's this wide array of areas that I think is what we have to worry about bringing up to a better level of cybersecurity right now.
MARTIN: Peter Singer, he's the author of the upcoming book "Burn-In," a book about how technology is bringing us to the breaking point.
Peter, thank you so much.
SINGER: Thank you.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.