Cyberspace: The new frontier in the Israeli-Iranian battleground
There is hardly any respite in the broadening and intensification of the points of friction between Israel and Iran. The battle between these two major Middle Eastern powers is mainly indirect, but has many aspects and is threatening to slide dangerously into situations that could escalate into open hostilities — a situation neither side wants nor can afford.
Though Iran’s nuclear project attracts most attention and presents a real cause for concern — especially if reports that Tehran is only at most a year away from producing a nuclear bomb are correct — other issues are as urgent and worrying. The latest alarming development is the scaling up of Iran-linked cyberattacks on Israeli public and private interests. This relatively new front presents an increasingly alarming challenge to Israel.
During the past few weeks, cyberattacks have hit high-profile Israeli companies, including Israel Aerospace Industries, as well as the country’s health and transportation ministries. They were carried out by Pay2Key, thought by cyberspace experts to be an Iran-linked group with a mixture of political and financial motivations.
The group followed up its attacks with a provocative Twitter post that boasted of its ability to penetrate and harm the networks at the heart of Israel’s government and economy. This was not the first of such attacks. In April, both countries were involved in a cyber-battle. Iran targeted Israel’s water system, and Israel retaliated the following month by targeting an Iranian port.
Cyberattacks are emerging as a main source of threat to modern societies, reflecting the centrality of cyberspace, which lies at the heart of modern life and has an ever-increasing impact on our personal lives, our economies, our essential services and our defense systems. Cybersecurity breaches affect both public and private sectors, and their impact ranges from being a mere nuisance to compromising a country’s national security.
Cyberespionage, theft and denial of service to vital systems are not uncommon, and these digital assaults come at relatively low cost for their considerable impact. Furthermore, cyberterrorism — either by a state or non-state actors — could, given the appropriate skillset, easily take advantage of our increasing internet dependency to disable essential services such as defense, health, aviation and other utilities.
Still, the vast majority of state-to-state cyberattacks are low-level intrusions that are considered to be taking place below the threshold of use of force. International law sees cyberattacks as a violation of the principle of sovereignty and the non-intervention obligations of all states. It has been argued that the breadth and scope of their potential impact now surpasses the risk of physical attacks.
Alarmingly, the technological capabilities of harming through cyberattacks are light years ahead of any response by international law or other regulatory mechanisms. And while war in cyberspace can inflict immense damage, at what point such digital warfare might turn into a physical conflict remains unclear. This is the question that both Israel and Iran will be grappling with in the coming months and years.
The recent cyberattack on at least 80 Israeli firms, in the wake of the assassination of Iran’s most senior nuclear scientist Mohsen Fakhrizadeh and the bombing of Iranian targets in Syria, have not entirely surprised the Israeli intelligence community.
For now, both sides are testing each other and treading very carefully most of the time, on conventional fronts as well as in cyberspace. Thus far, the vast majority of cyberattacks have not crossed the line of inflicting damage in the physical world. Nevertheless, in recent months this line is fast being approached by both sides as they test each other’s tolerance of, and ability to absorb, such attacks.
The assault on Israel’s water and sewage facilities disrupted mainly local systems. But it signalled that Iran is able to penetrate Israel’s cyberspace, and in doing so reveal that it is not as well protected as one might expect of a country that prides itself on its technological prowess.
Israel’s retaliatory cyberattack on the port of Shahid Rajaee disrupted shipping companies’ operating systems and resulted in several days of road and waterway delays, demonstrating that the rules of deterrence in conventional warfare, by which countries feel compelled to constantly up the ante, also apply to cyberspace. In this case, the attacks were more about exposing general vulnerabilities, which suggests a widening of the front of such warfare.
On another occasion Israel, in collaboration with the US, was more specific in targeting Iran’s nuclear program, including infecting its enrichment facilities with the Stuxnet computer worm that resulted in damage to the uranium-enriching centrifuges. This operation was part of the wider strategy to stop Iran from developing nuclear military capability, in addition to the targeting of scientists and physically damaging facilities.
Iran is regarded as among the most proactive across the globe when it comes to supporting and encouraging cyber-disruption entities. And after the Stuxnet attack in 2010, it expanded its capabilities and formed the Iranian Cyber Army, which has been linked to attacks on the US, Saudi Arabia and Turkey.
It has been suggested that Tehran contracts out its hacking operations and maintains a number of advanced persistent threat (APT) organizations that conduct cyberattacks in different places across the globe.
So the recent cyberattack on at least 80 Israeli firms, in the wake of the assassination of Iran’s most senior nuclear scientist Mohsen Fakhrizadeh and the bombing of Iranian targets in Syria, have not entirely surprised the Israeli intelligence community. The message from the attackers is that Israel suffers from its own vulnerabilities, and that Iran’s choice of weapon remains, at least for now, in cyberspace.
Israel is not known for sitting back and merely absorbing any threat to its national security, and cyberattacks are no different in this regard. Nevertheless, in the complex and knife-edge relations between Israel and Iran, there is a real and immediate danger of a cyberwar escalating to a physical conflict on various fronts — a scenario that both countries have no interest in, but still might drag themselves into.
- Yossi Mekelberg is professor of international relations at Regent’s University London, where he is head of the International Relations and Social Sciences Program. He is also an associate fellow of the MENA Program at Chatham House. He is a regular contributor to the international written and electronic media. Twitter: @YMekelberg