Iran Could Retaliate for Soleimani’s Death Through Destructive Cyberattacks Against the US


The American drone attack which led to the demise of Iranian Revolutionary Guard General Qassem Soleimani may instigate large-scale cyberattacks targeting US institutions, infrastructure and companies. Cybersecurity experts have warned that it is likely that Iran and the US will enter a new era of intensified cyber hostilities.

Iran has made clear that the attack on General Soleimani will not go unanswered. Iranian officials state that Iran will take revenge for the US military intervention which killed General Soleimani in Iraq this week.

Likelihood of Iranian Cyber Warfare is High

Since the Stuxnet hack in 2010, in which an ingenious computer worm targeted and sabotaged Iran’s nuclear program, Iran has invested heavily in its cyberattack capabilities. In recent years Iran has already launched numerous attacks on US institutions, like banks, while the US has retaliated with attacks on Iranian missile facilities and intelligence groups.

Experts speculate that new Iranian cyberattacks following the death of Soleimani will likely come in the form of hacks on important US infrastructure like power grids, healthcare institutions, communication networks, universities and banks.

While cyberattacks have in the past been a means to avoid ‘violent’ confrontations between the US and Iran, the Soleimani assassination may have changed the playing field. Subsequent cyberattacks from Iran could be more severe and harmful than the ones initiated in the past. New cyberattacks could also be aimed at the private sector, cybersecurity expert John Hultquist from cybersecurity company FireEye told the Guardian.

Cyberattacks could be aimed at erasing or locking down essential data and systems. One can think of ransomware attacks like WannaCry or Clop, affecting both companies and public institutions on a large scale.

Iranian Hackers Probably Already Have Access to Important US Systems

It is likely that Iranian hackers linked to the Iranian government already have access to numerous US computer systems, waiting for the right time to strike. If Iran decides to launch cyberattacks, they could commence at quite short notice. While Iran does not have the same cyber warfare capacities as, for instance, Russia or China, it can still pose a serious threat to the US, according to cybersecurity policy professor Josephine Wolff of Tufts University Fletcher School.

A good example of how impactful cyber warfare can be is the global WannaCry ransomware attacks of 2017, which can be linked to the North Korean government. These ransomware attacks wreaked havoc all over the world. The UK National Health Service alone suffered over USD 100 million in damages because of WannaCry. If Iran already has access to important US data infrastructure, attacks similar to WannaCry could likely be launched. Since the Iranian attacks would be a response to US military aggression, it is plausible Iran will focus mainly on societal and corporate disruption rather than financial damage.

Spreading False News and Information as Part of a Cyber Strategy

It is also likely Iran will intensify its misinformation campaigns on social media. Twitter and Facebook, for instance, have already identified and shut down thousands of Iranian accounts in recent years which were spreading false information and propaganda. In a 2019 report Twitter said it had removed around 4800 Twitter accounts from Iran. A selection of 1600 accounts had sent out almost 2 million tweets with false news favoring the Iranian political agenda.

Right after the American attack on General Soleimani there were numerous false claims on Twitter about US bases in Iraq being bombed. It is expected Iran will continue to spread misinformation on social media to steer public opinion and mislead foreign audiences.

Cybersecurity analyst
David is a cyber security analyst and one of the founders of Interested in the "digital identity" phenomenon, with special attention to the right to privacy and protection of personal data.