Even Israeli Prime Minister Binyamin Netanyahu and GOP presidential nominee Mitt Romney are calling military action a last resort not to be used now.
All sides seem keen to avoid a fighting war. Now, deniable cyber attacks seemingly offer one of the easiest ways of fighting back without risking too much.
The United States is determined to stop Iran’s nuclear program and is looking at new tools to spike it. Tehran’s rulers need to respond to crippling sanctions, a collapsing currency and rising popular discontent.
Cyberspace may be just the place to duke it out. And that war may already be underway.
Definitive proof of responsibility in cyberspace, experts say, is often all but impossible—despite recent claims to the contrary by US Defense Secretary Leon Panetta.
Government and private security officials say what evidence does exist points to an American attack on Iran’s nuclear sites using multiple worms in recent years and Iranian involvement in a rising tide of attacks outside its borders this year.
These included directed denial of service attacks that have taken down websites of several US banks including Citigroup and Bank of America as well as a far more serious assault on Saudi Aramco that destroyed the contents of some 30,000 office computers, but did not reach those that run Saudi oilfields.
What the attacks show, say specialists with knowledge of government intelligence, is that Tehran is raising its game fast—although its capabilities remain well behind those of the United States, Israel, Britain, China and Russia.
“We’ve known for a long time that the Iranians were working on these kinds of techniques, but it is a surprise how fast they have advanced,” said James Lewis, a former US Foreign Service officer now senior fellow and cyber specialist at Washington, DC’s, Center for Strategic and International Studies.
“Neither side really wants a war because of the economic costs in particular. So this is what they do instead,” he told Reuters news agency.
Iranian officials have denied any involvement in the bank hacking. And they say they themselves have come under mounting attack, with oil facilities, infrastructure and communications firms all suffering system failures they blame on cyber attacks from other countries.
Stuxnet started it all in 2010, which may be viewed as the start of the era of cyber warfare.
While no government has ever taken responsibility for Stuxnet, it is widely assumed to have been a US project with Israeli involvement. It was designed to damage Iran’s centrifuges and sabotage its nuclear program.
“Stuxnet was effective, but it wasn’t a knockout blow,” says Ilan Berman, a former CIA and Pentagon consultant now vice president of the American Foreign Policy Council. “What it has done, however, is open a new front.”
“Cyber is the domain where the brunt of the confrontation will move to,” says Dina Esfandiary, a research associate and Iran specialist at London’s International Institute for Strategic Studies. “For Tehran, (it) is the ‘safest’ form of confrontation because of its secretive and deniable characteristics,” she told Reuters.
Exactly who is doing the hacking, however, is harder to say.
“A lot of these capabilities are fluid,” said Berman. “You have groups of hackers that may or may not be part of the Revolutionary Guards [Pasdaran] but clearly are encouraged by them. There is also the possibility that Iran is buying additional cyber capabilities, or even manpower, on the open market. We simply don’t know.”
In a major speech on cyber security last month, Panetta described the attack on Aramco as the most destructive ever suffered by a private sector company — although he stopped short of explicitly blaming Tehran.
The thrust of his speech, however, was seen by analysts as an explicit warning that further attacks could bring consequences.
The rules in cyberspace are far from clear. Washington has announced it reserves the right to retaliate militarily for any cyber attack that causes death or damage, but in reality most believe the technology has far outpaced the discussion on its use.
“States at the moment seem to have little self-restraint in cyber,” said Alexander Klim-burg, cyber security expert at the Austrian Institute for International Affairs. “This is very dangerous…. The consequence may be that … we find ourselves with a redefinition of ‘war’ —one that is never declared, seldom visible but effectively constant.”
What is increasingly suspected is that cyber confrontations will be used in response to international disputes in the years to come.
Russia and China are believed to have ploughed billions into capabilities they believe may allow them to work around the conventional military dominance of the United States, allowing them to turn off essential systems and communications.
US officials already accuse China of hacking corporate and state secrets and stealing technology. Meanwhile, Beijing accuses Washington of supporting Internet dissidents it fears want to bring down the communist government.
At worst, some fear cyber disputes could wreck international relationships and spark shooting wars—and not just in the Gulf.
“We have a situation where governments and their proxies are increasingly indulging in cyber attacks to damage rivals’ interests,” said John Bassett, a former senior official at British signals intelligence agency GCHQ and now senior fellow at London’s Royal United Services Institute.
“There’s a really serious lack of shared understanding and informal rules needed to regulate and limit these activities.”