Iranian media revealed details on Monday about a cyber attack they claimed to have suffered at the port of Shahid Rajaei. The port had recently seen the installation of new container terminals and oil projects. Iranian media personalities and commentators have also boasted about a “cyber attack” against Israel, with memes posted that show Israel and Iranian flags next to futuristic computerized backgrounds. The incidents underpin wider cyber tensions and Iran’s attempt to build up its cyber offensive capabilities in recent years.
ادعای رژیم صهیونیستی به حملهی سایبری از جانب ایرانpic.twitter.com/uM9b78p0QV— پایگاه خبری تحلیلی رویداد۲۴ (@rouydad24) کابینه عالی امنیتی رژیم صهیونیستی مدعی شده است که یک حمله سایبری از سوی ایران به زیرساختهای آب شهری در تل آویو صورت گرفته است. May 10, 2020
In the Middle East there has been an increased role of cyber war and cyber security, much as the region is also at the forefront of experiments with new weapon systems, from drones to ballistic missiles. In the last several years Iran has sought to boost its cyber warfare capabilities with the foundation of IRGC-supported “cyber warfare” units. Last year Iran’s “cyber army” was portrayed as being under attack from the US and other adversaries. The New Arab noted in February that Iran’s cyber army was on the lookout for opportunities. In response to the US killing of IRGC General Qasem Soleimani in early January, the cyber warriors from Tehran went hunting. They apparently struck a US government agency website on January 5.
Iran’s cyber warfare abilities date back to around 2010 when Iran had to respond to the Stuxnet virus. The Center for Strategic and International Studies noted that Iran was trying to increase its cyber power and use covert activities to guide its strategy of operations using cyber as a tool. Iran’s Basij militia, linked to the IRGC overall cyber command structure, sought to create an army of cyber volunteers. Under IRGC head Hossein Salami, Iran has presented its conflict with the US and US allies such as Israel, as part of a total war struggle that involves not only drones, missiles, militias, but also cyber. Iran’s cyber warfare capabilities are seen as a threat by the US, its Gulf allies and others across the region.
A report by the Congressional Research Service earlier this year noted that since 2012 Iranian cyber attacks have increased. They have struck at the US government, banks, casinos and Saudi Aramco, among other sites. In June 2019 the US conducted a cyber attack on Iran in response to the downing of an expensive US surveillance drone. Iran appeared to have responded by striking at Bahrain using “cyber intrusions” in July. We now know according to reports from Forbes and The Wall Street Journal in August, that Iran targeted Bahrain’s water infrastructure in July 2019. The US Fifth fleet is based in Bahrain. Iran had also slammed Bahrain for hosting a conference devoted to US President Donald Trump's Mid-East peace plan. Iran is involved in “advanced persistent threats,” concluded the Navy Times in January. According to Israel’s Channel 13 an alleged Iranian cyber attack targeted Israeli water and sewage facilities. Israel’s security cabinet held a meeting on May 7, according to the report from Channel 13.
On May 5 Mohaammad Rastad, Iran’s Deputy Minister for Roads and Urban Development hosted a tour at the Shahid Rajaei port to boast about the completion of two important container terminals and a “surge” in production. Iran was trying to get around sanctions and increase profits in the wake of the pandemic and declining oil prices. Days later, it now appears, the port suffered a cyber attack. Iran was at first perplexed by the attack and reports from Iranian new agencies ILNA and ISNA indicated they did not know the source of it. On May 10, an apparently unrelated incident, involved a computational issue during a naval maneuver between Jask and Chabahar that led to Iranian friendly fire on one of its own navy ships. Chabahar is around 700km (435 miles) from Rajaei port. ILNA reported that a computational error caused the friendly fire incident. As of Monday afternoon, Iranian social media users did not think the naval incident is linked to cyber tensions.
Iranian media has reported about the cyber attack on Israel. Iran’s ISNA also says it is looking into the Rajaei cyber attack and how an “external” attack might have happened. Overall the increasing cyber incidents in the Middle East illustrate how this new frontline is a concern to governments.
The cyber incidents come amid reports that the US and Iran may be discussing a prisoner exchange. These discussions were reported in Kuwait’s Al-Jarida on Monday. The US appears to be removing some of the military build-up in the Gulf that was sent last year during the height of the tension with Iran. In this respect the sudden cyber tensions do not reflect the overall tensions in the Gulf.