Cybersecurity threats, especially from Iran, have increasingly become an issue in the Middle East for more than a decade as the number and type of these attacks – against countries, entities and organizations – proliferate.
Iran periodically mentions its cyber capabilities in the context of threats against Israel, showing that Tehran has various means at its disposal to conduct its operations. To that end, a recent article in Tasnim, a pro-regime news outlet, highlighted Iran’s cyber abilities to target Israeli websites as “part of the cyberwar.”
Israel is not the only country targeted by cyber incidents, however. Cyberattacks originate from many countries and through nefarious actors. In the UAE, the government’s Cybersecurity Council affirmed its success in defending and confronting malicious cyberattacks.
It said, according to an article at Al-Ain, that the attacks failed to target infrastructure, national digital assets and strategic sectors. The report added that the national task force was able to respond proactively, including to “cyberterrorist organizations.” It did not specify the details of the attackers.
According to an article in UAE-based Khaleej Times, “Mohammed Hamad Al Kuwaiti, head of cybersecurity for the Government of the UAE, said that the UAE Cybersecurity Council cooperates with its partners in deterring over 50,000 cyberattacks each day against strategic national sectors.”
Kuwaiti made the comments at the Oracle CloudWorld Tour Abu Dhabi 2023. The report noted that he added that “banking, financial, health, oil and gas sectors are the most targeted, and that all attacks are countered proactively and efficiently, to protect the country’s digital sphere.”
An article on the business and finance website Zawya, also noted that the Cybersecurity Council “stressed the importance of confronting various cyberattacks by vital sectors, in addition to activating protection systems and cybersecurity policies and raising the awareness of the authorities about any suspicious electronic activities that may harm their systems. The UAE is adopting the best standards and practices of safe digital transformation and protection of the national digital infrastructure and space.”
In February, an article at Tech Monitor noted that “the number of cyberattacks by Iran on targets in Israel has doubled in the past year,” quoting Israel National Cyber Directorate head Gabi Portnoy, who said, according to the report, that “other countries in the region have also been feeling the effects of attacks from Iranian cyber criminals and called for greater data-sharing between governments.”
The Tasnim article framed the issue in the context of Iran’s message to the “Zionist regime” that Israel should “never feel safe.” This may be bragging, or a reflection of recent and upcoming operations.
It is important to note in this context that Iran recently normalized ties with Saudi Arabia.
The cyber front may be an easier way for Iran to brag about attacks that have a sort of plausible deniability. A country can claim it carried out “cyberattacks” without actually doing anything. For example, in June 2019, the US claimed it launched “cyberattacks” on Iran in retaliation for Iran downing a $200 million Global Hawk surveillance drone in the Gulf of Oman.
Claims of “cyberattacks” are a way for a country to claim it “attacked” or retaliated without needing to provide evidence that may lead to a real conflict. Countries can engage in massive “cyberwars” where no one is injured or harmed, and the public may not even be aware that a “war” took place or perhaps did not?
To this end, Iran claims that it has become increasingly proficient in cyber abilities, that it is an important aspect of its modern warfare. It has also claimed that the “occupation regime of Israel is experiencing a new war, different from previous wars.”
How is a cyberwar different than a normal one?
The Tasnim report details exactly how cyberwar differs from classical warfare: “Technological and electronic warfare has been able to overcome many military capabilities, and computer devices and keyboards have become the newest fronts of Israel’s war and have inflicted the greatest losses on the most vital and strategic institutions of this regime.”
These claims come after recent reports about potential Iran-Russia cooperation on hacking, as well as a report that the Anonymous Sudan cyber group carried out cyberattacks on Quds Day.
Al-Monitor noted at the time that cyberattacks targeted banks in Israel and CTech said they targeted Israel Post and irrigation systems.
Last year, The Jerusalem Post reported a 70% increase in hostile cyber activity. Another report, based on data from Microsoft, also noted that around a quarter of Iranian cyberattacks target Israel. Iran also targets the US and other countries.
Iranian media has claimed that the “anonymous hacker group and a number of other unknown names managed to target the Israeli regime and most of its critical infrastructures through the use of security gaps in the programs and systems of Israeli electronic databases.”
It then quotes other Arabic media, claiming that there has been an increase in hacking attempts: “The Palestinian resistance and other foreign groups have focused on targeting all the points of presence of the Israeli occupiers in the occupied Palestinian territory.”