WSJ: Iran Hacked New York Dam in 2013

The Wall Street Journal reports that, less than two years ago, Iranian hackers violated the antiquated control systems of a dam less than twenty miles from New York City.  The alarm over the intrusion was sufficient that the White House was briefed by the FBI once the intrusion was discovered.  As the Journal notes, however, this was only one of hundreds of such attacks that year — and there were even more attacks this year.  Cyber attacks on industrial systems represent a key opportunity for Iranian terrorism, one that American industries are bringing upon themselves:

Many of the computers controlling industrial systems are old and predate the consumer Internet. In the early digital days, this was touted as a security advantage. But companies, against the advice of hacking gurus, increasingly brought them online in the past decade as a way to add “smarts” to U.S. infrastructure. Often, they are connected directly to office computer networks, which are notoriously easy to breach.

These systems control the flow in pipelines, the movements of drawbridges and water releases from dams. A hacker could theoretically cause an explosion, a flood or a traffic jam.

The older systems would have been a security advantage had they remained disconnected from the internet because they were not built for remote control.  They were also immune to viruses, both because a virus would have no means of reaching the control systems and because a virus is written for the code native to a given operating system.  The older systems would not respond to new viruses; one would have to be written specifically for the particular legacy system that happened to be in use at a given dam or other industrial site.

By hooking the industrial systems up to modern computers that are connected to the internet, and creating control systems to allow the modern computers to operate the older systems, we have ourselves made the industrial architecture vulnerable to cyber terrorists.  Now our ordinary office computers, so readily hacked or infiltrated by viruses, can be seized and used to ‘cause an explosion, a flood or a traffic jam.’  Iran has been quick to recognize the opportunity as a low-cost way to carry out terror attacks within America.

Iran’s cyber terrorism within America has been “less restrained” and “more intent on causing harm” than that carried out by Russia or China.  Those powers are intent on espionage, and may want the intrusions to remain undetected as much as anything else.  Many times the advantage of successful espionage is lost or mitigated if the intrusion becomes known.  Iran’s teams are looking for ways to hurt the United States, not merely to steal our secrets.  Iran’s Revolutionary Guards Corps (IRGC) has a unit devoted to leading the efforts to hack into American systems and cause mayhem.

Iran may be motivated in part by a desire for revenge for the STUXNET virus that damaged its nuclear weapons program.  However, they are also simply looking for leverage against America during the period following the end of sanctions accompanying the nuclear deal.  The deal is a massive victory for Iran, which obtains advanced nuclear technology and an end to sanctions in return for effectively nothing — Iran is already violating the deal where it is convenient, especially on ballistic missile testing, without penalty.  Nevertheless, Iran is terrified that its systems of control over its population will be weakened by the new period of investment and connection with the West.  The IRGC has gone on what is described as a “witch-hunt” for American infiltrators and sympathizers, with the direct backing of Supreme Leader Ayatollah Ali Khamenei.  At the same time, though Iran says it will regard any new sanctions imposed on it by America as a violation of the deal, Iran has imposed sweeping new sanctions on American goods and firms.

Cyber warfare is another means for Iran to hit back at the United States during this period.  Their intense and increasing interest in finding ways to damage America and its industry is a product of this paranoia about increased foreign influence.