Should you be afraid of an Iranian cyberattack? The answer is complicated

A Kashmiri Shia-Muslim cleans a portrait of Qassem Soleimani, the head of Iran’s elite Islamic Revolutionary Guard Corps’ Quds Force who was killed by U.S. forces. Syed Shahriyar / NurPhoto via Getty Images

Here’s the good news: Iran likely won’t target ordinary Americans. Any cyberattacks that Iran carries out would likely be against U.S. government agencies or major corporations that Iran has already, in some way or another, infiltrated and where it can already easily cause a disruption. Iranian hackers most likely won’t go after your phone, your Google account, or your favorite website.

But there’s bad news: According to a former CIA analyst, the assassination of Iranian general Qassem Soleimani has far more significance in the global political theater than the Bin Laden raid. Any cyberattacks that are carried out will be the beginning, not the end, of an Iranian offensive against the U.S.

“The breadth and expanse of who he was and the control he had over his Iranian proxies, those are things Bin Laden never had,” said Rosa Smothers, former Cyber Threat Analyst with the CIA and currently the Senior Vice President Cyber Operations at the cybersecurity firm KnowBe4. “A lot of the retribution factor is going to depend on the political environment, and how that all plays out,” she told Digital Trends.

Iran’s push into the offensive cybersphere began in 2009. Around the time the Green Revolution took off (mass protests against alleged irregularities in the country’s 2009 presidential election), the Iranian government pushed to expand its cyber capabilities, at first with the goal of population control, said Alex Vatanka, a Senior Fellow at the Middle East Institute. Later, Iran was hit by the Stuxnet virus, a piece of malware generally understood to have been a joint development by the United States and Israel to compromise Iran’s nuclear reactors, and decided to start pushing into the cyber attack sphere itself.

These days, the experts say, Iran is on the advanced course: Not yet on the level of Russia, China, or the U.S., but about on the same level as North Korea. That is, most likely no one’s going to die from an Iran cyberattack, but we should still take it seriously.

Jon Bateman, a Fellow at the Carnegie Endowment’s Cyber Policy Initiative, told Digital Trends that there is a multitude of attacks Iran could deploy, ranging from a routine DDoS (annoying for the victim and easy to execute) to phishing or malware, to a full-scale industrial control system attack. Indeed, Iran already attempted this tactic back in 2013 when the country hacked into and compromised the Bowman Avenue Dam in upstate New York. The U.S. Department of Justice eventually indicted seven Iranian hackers in 2016 on charges connected to the infrastructure disruption. That’s where a cyberattack could affect you: It’s not inconceivable that they could take out a power generator somewhere in the U.S. and cause a massive blackout. Experts said that would be a huge red line to cross, but it’s still within the realm of possibility.

“They’ve got a reputation now for pushing envelopes and learning by doing,” Bateman told Digital Trends. Their tactics mostly involve website defacement and online disinformation campaigns, in which there is already some evidence Iran has been engaging.

So far, Bateman said, Iran has never directly attacked a U.S. government network, but the Soleimani assassination was “such an unprecedented provocation, it might cross a line.”

As individuals, there’s not a lot we can do, or really much we should be worried about, according to Smothers. “Me, personally, I’m not doing anything differently today than I was doing on Thursday,” she said. That doesn’t mean that big corporate institutions and government agencies, which are most likely to be targeted, shouldn’t be on notice.

Indeed, the Department of Homeland Security said over the weekend that it had noticed an uptick in the amount of malicious activity online targeting U.S. institutions. “It’s the same sort of vigilance you need to have with physical security,” Smothers told Digital Trends. “Every company needs to be thinking about a defensive posture as though this is happening all the time.”

There’s a constant low-level buzz of malicious hacking attempts against the U.S. government. But in general, that’s not what we have to worry about, says Smothers.

“In the big picture, we should be most worried about physical violence from Iran or its proxies,” said Bateman. “If we see cyber attacks happening, we should be preparing for something else. Don’t believe that the cyber response is their final word.”

“They [Iran] need to do something that looks more muscular. One of their top generals was blown to pieces,” said Vatanka. “To hack into a website and release credit card information, that wouldn’t amount to much. That would look weak.”

“I’d be very surprised if they start hitting ordinary Americans,” he continued. “I think they’ll be calculated in what they target.” Iranians are more interested in fomenting anger among Americans, he said. “Iran is sensitive to Trump’s delicate position domestically. They’ll try to hit back as hard as they can, but we’re not there yet.

“Each side right now is trying to calculate what adequate revenge would be,” Vatanka said.

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…