If The Washington Post report is true and Israel sabotaged Iran’s Shahid Rajaee Port on May 9, it signals the fastest and largest leap forward in the shift to constant cyber warfare.
Israel’s move was a counterstrike for an Iranian attempted cyber strike on its water supply in April, the Post reported.
Numerous top cyber and intelligence officials in Israel and the United States have spoken to the Post about a shift to “constant” cyber warfare following Russia’s interference in the 2016 US presidential election.
Until then, the theory put forward by both Israeli and US officials was that absent a pressing need (like slowing Iran’s nuclear program between 2009 and 2019), offensive cyber weapons should be used sparingly as they could lead to unpredictable backlash. Western societies are more open to cyberattacks than the closed dictatorships that tend to be their adversaries.
In June 2018, retired IDF Brig.-Gen. Ehud Schneerson, the former chief of Unit 8200, implied to the Post that Israel has the ability to wreck Iran’s energy sector and should do so at the outset of any broader conflict with the Islamic Republic.
A month later, US Cyber Command head Gen. Paul Naksone said a main mistake people make with cyber defense and deterrence is trying to divide everything into peacetime and wartime. He advised avoiding these binary choices and instead to be prepared for constant low-grade cyber combat.
Then in August of the same year, Israel’s first head of the National Cybersecurity Authority, Buky Carmeli, conferred with Naksone. “People use lots of physical-world words,” he said. “You have peacetime, a war like 2014 Operation Protective Edge, a terrorist incident or some other uptick in violence. War in cyber does not have any of this. Cyber is an endless battle. You are always playing chess with the other side.”
“In chess, sometimes you lose a pawn,” he added. “Maybe you weigh trading losing a bishop in order to take someone else’s knight. You need to look at the full spectrum of priorities, and you do not deal with every threat.”
Cyberattacks should not be viewed in a vacuum, but rather discussed in context of both the virtual and physical worlds, Carmieli said.
“You need to set an overall policy and coordinate it [cyber operations] with your other non-cyber operations,” he said. “When do you decide that you want to bomb an adversary’s electrical company? It’s the same answer for when you would launch a cyberattack on their electricity sector. It is just a question of how you do it.”
IN SEPTEMBER 2019, just-retired US Cyber Command deputy commander Vincent Stewart told the Post worrying about blowback from cyberattacks had gone too far, and the US and its allies had started to aggressively bloody the nose of any adversary who used cyber weapons against America.
In general, the sentiment has been that cyberattacks can be used in circumstances in which Israel would be ready to launch a similarly devastating attack with conventional forces.
This was the line that Iran crossed in April.
Attacking Israel’s water supply targeted an element of critical civilian infrastructure. The cyberattack did not succeed. But if it had, it could have harmed Israel’s economy and contaminated the water supply. It could have endangered civilians either from direct contamination or from suddenly reducing how much water was available.
If Iran launched an airstrike on Israeli water infrastructure, Israel would respond.
Before 2016 and 2018, Israel might have shrugged off a failed attempt or might have responded with a counterstrike of the same level just to send a message.
Instead, Israel’s counterstrike was far more physically damaging to Iran than the Islamic Republic’s failed attack on Israel.
According to The Washington Post, on May 9, shipping traffic at Iran’s Shahid Rajaee Port terminal came to a sudden halt.
Computers that regulate the flow of vessels, trucks and goods all went down at the same time, leading to a massive backup on waterways and roads near the port.
Iranian officials belatedly acknowledged that an unknown foreign hacker had briefly pushed the port’s computers off-line.
But the latest report said the cyberattack on Iran impacted traffic around the port for days, with a US official quoted as saying the country was in total disarray.
The message then was clear: Israeli cyber weapons are far superior to Iran’s. Do not test Israel.
Dovetailing into Carmeli’s bigger strategic picture, this is the same message Israel has sent Iran in Syria whenever Tehran has tried to upgrade its ability to threaten the Jewish state.
There was a time when blowback was the biggest concern, when Israeli officials tried to support doctrines and efforts to arrive at worldwide standards to limit cyberattacks.
Now, Israel is using old-fashioned deterrence and responding disproportionately to “encourage” those who would hack it to think twice.