Report: U.S. Cyberattack Degraded Iran's Ability to Target Shipping

American cyber forces on station: Joint Forces Headquarters-Cyber (Air Force), 624th Operations Center, Joint Base San Antonio-Lackland (USAF file image)

Published Aug 28, 2019 9:01 PM by The Maritime Executive

Recent American cyberattacks on an Iranian intelligence group were successful in reducing Iran's capability to attack merchant shipping, American officials told the New York Times in a report published Monday. 

In late June, unnamed officials told American media that U.S. Cyber Command had carried out an attack on the communications and computer systems of an Iranian intelligence unit. The target had allegedly been involved in the suspected limpet mine attacks on six tankers in the Gulf of Oman in May and June. Iran denies that its forces were involved in the tanker attacks, and it has also denied that American cyberattacks have succeeded in damaging Iranian systems. "No successful [cyber] attack has been carried out by them, although they are making a lot of effort," Iranian telecom minister Mohammad Javad Azari Jahromi said in a Twitter post in late June.

President Donald Trump personally approved the U.S. Cyber Command operation, according to the Wall Street Journal. The action occurred on June 20, the same day that the president ordered and canceled a strike on Iranian military positions in retaliation for the downing of an American drone.

The Iranian unit targeted by U.S. Cyber Command has ties to the Islamic Revolutionary Guard Corps, officials said, and the cyberattack is believed to have degraded the IRGC's ability to carry out attacks on shipping. No kinetic attacks on ships have been reported in the Gulf of Oman since the action occurred (the boarding and seizure of the tanker Stena Impero aside). 

The cyberattack led to renewed debate in the U.S. intelligence community over the value of sacrificing electronic access to the target's networks in order to cause damage. Once an obvious cyberattack occurs, the target is likely to discover and shut down system vulnerabilities, closing off useful intelligence-gathering channels, officials told the Times.