The United States carried out a secret cyber operation against Iran in the wake of the Sept. 14 attacks on Saudi Arabia’s oil facilities, two U.S. officials say. Washington and Riyadh blame Tehran for the oil facility attacks.
The officials, who spoke on condition of anonymity, said the operation took place in late September and took aim at Tehran’s ability to spread “propaganda.”
One of the officials said the strike affected physical hardware, but they did not provide further details.
The cyberattack highlights how President Donald Trump’s administration has been trying to counter what it sees as Iranian aggression without spiralling into a broader conflict.
When asked about the cyberattack, Iran’s minister of communications and information technology, Mohammad Javad Azari-Jahromi, said Wednesday that “they must have dreamt it,” Fars news agency reported.
The purported U.S. cyberstrike appears more limited than other such operations against Iran this year after the downing of an American drone in June and an alleged attack by Iran’s Revolutionary Guards on oil tankers in the Gulf in May.
The United States, Saudi Arabia, Britain, France and Germany have publicly blamed the Sept. 14 attacks on Iran, which has denied involvement. The Iran-aligned Houthi militant group in Yemen claimed responsibility.
In another attack, last Friday, an Iranian oil tanker was allegedly hit by rockets in the Red Sea, and Tehran warned there would be consequences, although no one has yet to claim responsibility for the strike.
Publicly, the Pentagon has responded by sending thousands of additional troops and equipment to bolster Saudi defences — the latest U.S. deployment to the region this year.
The Pentagon declined to comment about the cyberstrike.
“As a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning,” said Pentagon spokesperson Elissa Smith.
Gulf tensions escalate
The impact of the attack, if any, could take months to determine, but cyberstrikes are seen as a less-provocative option below the threshold of war.
“You can do damage without killing people or blowing things up; it adds an option to the toolkit that we didn’t have before and our willingness to use it is important,” said James Lewis, a cybersecurity expert with the Washington-based Centre for Strategic and International Studies.
Lewis added it may not be possible to deter Iranian behaviour with even conventional military strikes.
Tensions in the Gulf have escalated sharply since May 2018, when Trump withdrew from the 2015 Joint Comprehensive Plan of Action with Tehran that put limits on its nuclear program in exchange for the easing of sanctions.
It was unclear whether there have been other U.S. cyberattacks since the one in late September.
Iran has used such tactics against the U.S. This month, a hacking group that appears linked to the Iranian government tried to infiltrate email accounts related Trump’s re-election campaign.
Over 30 days in August and September, the group, which Microsoft dubbed Phosphorous, made more than 2,700 attempts to identify consumer accounts, then attacked 241 of them.
Tehran is also thought to be a major player in spreading disinformation.
Last year, a Reuters investigation found more than 70 websites that push Iranian propaganda to 15 countries, in an operation that cybersecurity experts, social media firms and journalists are only starting to uncover.
On Monday, Iran President Hassan Rouhani reiterated his country’s policy toward the Trump administration, ruling out bilateral talks unless Washington returns to the landmark nuclear deal and lifts crippling U.S. economic sanctions.