Panetta delivers warning to Iran on cyber attack threat
WASHINGTON — Defense Secretary Leon Panetta's pointed warning that the United States will strike back against a cyber attack underscores the Obama administration's growing concern that Iran could be the first country to unleash cyberterrorism on America.
Panetta's unusually strong comments on Thursday were made as former federal officials and cybersecurity experts said the United States believes Iranian-based hackers were responsible for cyber attacks that devastated the computer systems of Persian Gulf oil and gas companies.
Unencumbered by diplomatic or economic ties that restrain other nations from direct conflict with the United States, Iran is an unpredictable foe that national security experts contend is not only capable but willing to use a sophisticated computer-based attack.
Panetta made it clear that the military is ready to retaliate — though he did not say how — if it believes the nation is threatened by a cyber attack, and he made it evident that the United States would consider a preemptive strike.
“Iran is a country for whom terror has simply been another tool in their foreign policy toolbox, and they are a country that feels it has less and less to lose by breaking the norms of the rest of the world,” said Stewart Baker, former assistant secretary at the Department of Homeland Security and now in private law practice. “If anybody is going to release irresponsible unlimited attacks, you'd expect it to be Iran.”
National security experts have long complained that the Obama administration needs to be much more open about what the military could and would do if the United States were to be the victim of cyber attacks. They argue that such deterrence worked in the Cold War with Russia and would help convince would-be attackers that an assault on America would have dire results.
Panetta took the first steps toward answering those critics in a speech analysts said was a thinly veiled warning to Iran, and the opening salvo in the campaign to convince Tehran that any cyber attack against America would trigger a swift and deadly response.
“Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests,” Panetta said in a speech in New York City to the Business Executives for National Security.
And while he did not directly connect Iran to the gulf cyber attacks, he warned that Iran's abilities were growing.
Security analysts agree.
The presumed Iranian cyber attacks hit the Saudi Arabian state oil company Aramco and Qatari natural gas producer RasGas by using a virus known as Shamoon, which can spread through networked computers and ultimately wipes out files by overwriting them.
In his speech, Panetta said the Shamoon virus replaced crucial system files at Aramco with the image of a burning U.S. flag and overwrote all data, rendering more than 30,000 computers useless and forcing them to be replaced. He said the Qatar attack was similar.
“This one worries me,” said Richard Bejtlich, chief security officer for the Virginia-based cybersecurity firm Mandiant. “I'm not an alarmist, but when I saw that 30,000 computers at Saudi Aramco got just deleted, that was a big deal. You don't see the Chinese government, you don't see the Russian government, or even their patriotic hackers go out and delete anything for the most part.”
From the Iranians' point of view, however, attacks against the United States may be justified because American sanctions leveled on the country for refusing to cooperate with international norms on its nuclear program have hit Iran hard. Tehran also believes that the United States and Israel were behind the Stuxnet cyber attack that forced the temporary shutdown of thousands of centrifuges at a nuclear facility there in 2010.
As a result, said Bejtlich, Iran believes it is at war with the United States.
Frank Cilluffo, a former special assistant for homeland security to President George W. Bush, said U.S. authorities have suspected Iran of trying to plot cyber attacks against American targets, including nuclear plants. And he said that Iran's Revolutionary Guard Corps appears to be trying to bring some of the patriotic hacker groups under its control, so it can draw on their abilities.
“Iran has been doing a lot of cyber saber rattling,” said Cilluffo, now director of George Washington University's Homeland Security Policy Institute. “What they lack in capabilities, they more than make up for in intent.”