The Potential Cyberwar Between Iran and the U.S.

On January 2, the U.S. killed General Qasem Soleimani, who led Iran’s Quds Force. As a result, Iran has stated in no uncertain terms its desire to take revenge against the U.S. for its actions.

Soleimani, being the leader of the Iranian Revolutionary Guards Corps, was often referred to as the second most powerful man in Iran.

This is quite an important title given that the only person more powerful than Soleimani was Ayatollah Ali Khamenei, the Supreme Leader of Iran.

While it’s not certain yet what the future holds, it’s generally believed that Iran will do anything in its power to retaliate against the U.S. The assassination prompted the U.S. Department of Homeland Security (DHS) to release a National Terrorism Advisory System Bulletin.

The document stated that the DHS had no concrete information which indicated a credible or specific threat to the U.S. However, the document went on to say that Iran and all its partners had previously demonstrated their capability and intent to conduct operations in the U.S. Furthermore, the document stated that previous Iranian plots included planning and scouting U.S. infrastructure targets along with cyberattacks against targets all based in the U.S.

Is the U.S. Prepared for a War With Iran?

Assuming that Iran decides to initiate retaliatory cyberattacks on the U.S., it stands to reason that the U.S. may not be fully prepared. Some cybersecurity researchers say that the U.S. may be vulnerable in a cyberwar with Iran. That should be a cause of concern not just for the U.S. government but also for the citizens of the U.S.

One of many major concerns is that cyberattacks can be as costly as a normal war. The Council of Economic Advisors published a report in 2018 mentioning that cyberattacks cost the U.S. government upwards of $110 billion per year.

General Keith Alexander, former commander of the U.S. Cyber Command and director of the U.S. National Security Agency, said in a statement on April 11, 2018, that the U.S. is “woefully underprepared as a nation” to defend against a significant cyberattack. He went on to state that no country in the world is prepared for this kind of attack.

At another time, Alexander stated that any cyberattack started with a side taking the offense. According to Alexander, being on the offensive is much easier than being on the defensive. It’s important to note that Alexander is the founder and CEO of IronNet, a cybersecurity firm based in the U.S.

On January 6 the DHS’s Cybersecurity and Infrastructure wing released an official warning to U.S. technology companies to strengthen their cyber and physical defenses against potentially destructive cyberattacks along with other cyber threats including IP theft and cyber-enabled spying. This warning made it clear the U.S. government was not the only potential target in a possible cyberwar.

Michael Daniel, a cybersecurity coordinator for the Obama administration and CEO of the Cyber Threat Alliance, recently stated in an interview with Yahoo Finance that Iran has used the tool of cyber warfare before. He went on to say that the Iranians have continued to develop their cyber capabilities, but could not say for sure if Iran was planning a cyberattack prior to the assassination of Soleimani. Daniel continued by saying that no matter what course Iran takes, the U.S. and other western countries need to be prepared for Iran to use a cyberattack as part of its retaliation.

What Else Is at Risk?

The U.S. government is not the only entity at risk of an Iranian cyberattack. It stands to reason that if Iran retaliates in the form of a cyberattack, its first target would be banks or another crucial industry. The DHS has warned that Iran’s targets could include industries such as telecommunication, energy and finance along with any organization connected to these industries.

In the Yahoo Finance interview, General Alexander agreed with Michael Daniel that the most likely Iranian targets would be the government, energy and finance activities. He based this assessment on the fact that these are the entities that Iran has targeted in the past and continues to focus on in the Middle East.

According to Alexander, it can also be expected that the Iranians will go after U.S. military networks if they have the opportunity to do so.

Daniel concluded his remarks by saying that an Iranian-led cyberattack could happen soon, but that the Iranian government could take longer to launch the attack in order to increase its potency. Therefore, the U.S. should prepare for all eventualities, including a lag in Iranian response.

Previous Cyber Attacks Between the U.S. and Iran

In June 2019, the U.S. Cyber Command carried out cyberattacks against the Intelligence Group of Iran. U.S. officials said they believed the Intelligence Group of Iran helped rogue groups plan an attack against Saudi Arabian oil tankers. The U.S. attacks were also a response to Iran’s downing of a U.S. military drone.

The attack took place on the same day that U.S. President Donald Trump canceled a strike on targets in Iran, including the country’s missile and radar batteries. However, the U.S. Cyber Command carried out the operation because it deemed the action to be far below the military threshold which could lead to an armed conflict. The U.S. Cyber Command used shadow tactics similar to those previously deployed by

According to those who were briefed on the U.S. Cyber Command’s operation, multiple computer systems had stopped their routine work in Iran due to cyberattacks. It was believed that these systems were used by Iranian intelligence groups to plan the tanker attacks. An additional cyber attack targeted other computer systems connected to Iranian missile facilities.

It’s difficult to accurately determine the net effect of a cyberattack, especially when it’s on a facility as sensitive as a country’s missile launch system. The only way to ascertain if the U.S. Cyber Command had any success in its cyber attacks would be if Iran made an attempt to launch missiles only to find that the systems failed.

Few details about the attacks are known. As indicated earlier, the main purpose of the cyberattacks was to force the Iranian Intelligence Group to go offline for some time. Such a strategy is not dissimilar to the one the U.S. adopted when it downed Russia’s Internet Research Agency during and after the U.S. midterm elections in November 2018.

Cyberspace and Its Increasing Threats

According to a statement from retired Brigadier General Gregory Touhill, who is currently an adjunct professor at Carnegie Mellon University, every armed conflict since Desert Storm in which the U.S. has been involved has had an increased element of cyber warfare. The gravity of this statement is cemented by Touhill’s former role as the first federal chief information security officer for the U.S.

For a country like Iran, whose economy has been severely impacted by U.S. sanctions, cyber warfare presents an economical and efficient method of disrupting other countries’ economies. The arms embargo on the country has been in effect for over four decades and has kept Iran’s conventional military force from keeping pace with other formidable powers locally and globally.

Cyber experts have noted that Iran’s cyber warfare capabilities are comparable to those of countries like China and Russia. However, Iran, unlike other countries, has shown an increasing willingness and ability to use cyber warfare as its primary form of aggression against its enemies. The country has supported hacking groups since at least 2005 when one such group managed to hack into a range of websites and deface them with pro-Iran material.

How to Protect Yourself From Cyber Warfare

First things first, you need to make sure that you’re using a strong password for all of your accounts. That includes your banking websites and social media platforms. In the case of a cyberattack, you don’t want your bank information or your IoT devices to be left vulnerable to hackers.

This is important:

Your passwords should be long and unique. Using a password manager can help you keep track of your passwords as they should be inherently difficult to remember.

Second, you should get into the habit of updating all your internet-enabled devices on a regular basis. All modern devices come with an automatic update feature and you should never turn it off. Make sure you’re never late in updating critical software such as your operating system and your web browser.

Third, try to keep your IoT devices on a completely separate network from your computer. This reduces the likelihood of your IoT devices being used as a gateway to access your other devices.

Fourth, always change the default password of your device. Leaving it unchanged is perhaps the most obvious mistake that people make when dealing with their passwords. Routers and modems are especially vulnerable if such mistakes are not corrected, as their default passwords are often generic across all devices made by the same manufacturer.

Fifth, make use of a security suite that offers strong protection.

We’ve reviewed several antivirus programs and antimalware programs to make it easy for you to find the best software to suit your needs.

Sixth, have a couple of hard copies of all the sensitive information that you keep in digital form. This includes phone numbers and any passwords that you’ve not stored in your password manager. Keep such information in a private place and don’t rely on internet connectivity or any other kind of gadget to access it.

Finally, the best tip we can give you in the event of a cyberattack and for general internet use is to use a VPN service.


Using a VPN service is one of the easiest and most convenient actions you can take to protect yourself and your data from cybercriminals. We’ve compiled a list of the top ten best VPNs that you can use to help you find the VPN that’s right for you.
Zohair A. Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.