'Reasons to be wary': Weighing cyber risks amid U.S.-Iran tensions
The possibility of a crippling Iranian cyberattack still looms, threatening the U.S. government, businesses, and individuals.
After weeks of unrest, tensions between the U.S. and Iran appear to be waning — just slightly. When the conflict seemed to reach the brink of open military warfare earlier this month, President Trump declared that “Iran appears to be standing down.” On the contrary, a Western diplomat told Bloomberg that Iran is not backing down, stating the Islamic Republic still wants the U.S. to pay for killing its top military commander and for strict sanctions imposed since 2018.
It’s not clear when the political disorder between these nations will fully dissipate. After all, the U.S. and Iran have been engaged in an ongoing “shadow war,” resulting in years of back-and-forth cyber retaliation. And in light of recent events, the U.S. government is on its toes anticipating the next Iranian cyberattack, and businesses and individuals should be too.
‘There are reasons to be wary’
When President Trump ordered the military drone strike on Jan. 3, 2020, that killed Iran’s most powerful military figure, General Qasem Soleimani, and other militia officers at Baghdad airport, Iranian hackers immediately responded with threats of retribution.
Although nothing has materialized out of these warnings, history serves as a harbinger of what could come.
In 2013, Iranian hackers broke into the control system of a small dam about 20 miles outside New York City. The following year, they attacked a Las Vegas Casino, causing computer shutdowns, email outages and disrupting other critical operation systems, Bloomberg reported.
The U.S. has also launched cyberattacks amidst the shadow war. As recently as June 2019, the U.S. carried out a series of cyberattacks against an Iranian Intelligence Group believed to have been involved in oil tanker attacks, said the New York Times.
Why the cyberspace tug of war? In an article for Bloomberg, Stephen Carter wrote that “a battle in cyberspace feels far safer than one fought out with force of arms. One might suppose that because the U.S. is the dominant online player, a fight in the digital realm would be to its liking. But there are reasons to be wary.”
Rating agency Moody’s recently issued a report in response to warnings from the FBI and the U.S. Department of Homeland Security of the growing risks of potential Iranian cyberattacks.
“The inherent cyber risk exposure of issuers is largely defined by the sectors in which they operate and their business processes and activities,” Lesley Ritter, vice president at Moody’s and lead author, said in the report. “In developing a framework for understanding the relative levels of cyber risk across sectors, we consider the median issuer in each sector across two dimensions: vulnerability to the type of attack or event to which entities in a given sector are exposed, and impact, including the disruption of critical business processes, loss of data access or heightened reputational risk. Both dimensions can lead to financial stress such as increased expenses for recovery or reductions in revenue, or political risks in the case of governments.”
According to Moody’s, the abundance of potential targets makes predicting when and where a cyberattack could strike challenging. Evidence suggests Iranian hacking groups are making strides to target operational technology and industrial control systems, similar to the attack mentioned above on the New York dam. However, some experts question Iran’s ability to carry out a sophisticated attack against advanced systems successfully. Instead, they see less-sophisticated types of cyberattacks, such as ransomware and distributed denial of service (DDoS) campaigns, as the more likely scenario.
Wide-ranging risks
The average U.S. citizen may be skeptical of the effects an Iranian cyberattack could have on their everyday life. Still, small-scale anarchy and interruption with limited impact are what one expert foresees as the most likely outcome, wrote Carter.
Accordingly, individuals and businesses large and small should be vigilant.
“We all hope that no hostilities escalate, but if they do, and if they involve the use of coordinated cyber technology attacks, we may see those occur in different forms,” Darren McGraw with Mechelsen Private Client, told PC360. “Like any assault, the aim would be to exploit points of weakness, cripple widely-relied upon infrastructure, and cause disruption in normal lives and operations.
“Of importance for individual families is the recognition that in today’s cyber risk environment, the consequence of a large scale cyberattack may be wide-ranging enough to impact them personally,” he continued. “As risk and insurance advisors, we are accustomed to encouraging families to prepare for the consequences of life during and after a hurricane, or an earthquake, or some other natural disaster. We encourage families to have a family disaster plan for natural disasters, and we should be encouraging our clients to have a family disaster plan should there be a large scale cyberattack.”
Although cyber insurance is a critical policy layer needed to reduce potential losses, McGraw advises individuals to “understand what coverages are available and realize that their exposure to cyber loss can come from many different directions and take many different forms.”
A firm understanding of insurance policy language is especially crucial concerning exclusions. “Homeowners and commercial insurance policies often have ‘acts of war‘ exclusions, which means the policy would not pay for related events,” Lisa Lindsay, executive director of the Private Risk Management Association (PRMA), explained to PC360. “On the other hand, homeowners’ policies don’t specifically reference terrorism, so damage to property caused by acts of terrorism (fire, explosion, smoke, etc.) would typically be covered. In most cases, businesses would need to purchase terrorism coverage in order to be covered.”
Be prepared
Thankfully, the cyber threats that have transpired between the U.S. and Iran have not been damaging enough to cause irreversible wounds. However, there are steps individuals can make to be prepared in the event of a paralyzing cyberattack. McGraw suggests the following tips:
- Have a communication plan with family if traditional phone and internet connections are down or unreliable.
- Be sure to have back-up power like batteries, hand-crank generator, etc.
- Have a physical security and safety plan in place.
- Have stored food and water and a way to purify water.
- Be sure to regularly back-up electronic data and information, especially of financial records and personal identification.
- Be extra vigilant with cyber behaviors and on the lookout for unusual activity or communications.
Even though the U.S.-Iran cyberwar has long lived in the shadows, we can’t predict if and when it will take center stage. For now, we can proceed with caution and consider Carter’s words, “No matter who wins the 2020 presidential election, the [U.S.-Iran] battle war won’t go away.”
Related: