Iran cyber attack on US could result in loss of life

London, UK

The US attack on Iran that caused the death of Iranian general Qasem Soleimani has led to mounting discussions of war, but for many, it is a battle that looks set to be fought as much on digital lines as physical ones, through cyber attacks on US companies and critical infrastructure.

Globaldata’s technology editor Lucy Ingham says: “Tom Kellermann, head cyber security strategist at VM ware Carbon Black and former cyber security commissioner for President Obama, anticipates significant and at times very serious cyber warfare activity from Iran over the next few weeks. So what actions can we expect Iran to take against the US when it comes to cyber attacks, and how well prepared is the US to withstand them?”

Kellerman tells Globaldata: “I think it’s [cyber attacks] very likely in terms of the impact on US civilians and US critical infrastructure. I don’t think it will be limited to a cyber response.

“I do think that this will be prolonged, that the cyber attacks against the US will be prolonged. They will mimic more of an insurgency than one-off massive attacks due to the nature of which Iranians have successfully burrowed into numerous us critical infrastructures over the past couple of years, specifically in energy, and that backdoor and that footprint on those systems has yet to be fully eliminated.

“The US as a whole is not well prepared to deal with this type of attack because of the nature in which the private sector does not allow, typically, US government agencies to come in and help them solve their cyber problems. Because of the lack of an industrial policy in the US, the Department of Homeland Security can’t proactively help harden or protect corporations in the US unless they are invited to do so. This is compounded by the fact that in the US, we’ve taken a very reactive approach to cyber security and critical infrastructures with more of a focus on things like resiliency, which have exacerbated the cyber attack surface. And in addition to that, more of a focus on vulnerability assessment, then active cyber threat hunting.

“I think that hopefully, the silver lining here of this very ominous dark cloud will be that we will see a shift in the culture of cyber security in the US to make it a functionality of conducting business, and to really go to a proactive stance where people are actively looking for compromised systems and backdoors and systems on a regular basis through cyber threat hunting.”

Kellerman: "Do you think we are going to see a shift in the way people see cyber attacks, where they see them more in line with terrorist attacks?"

“I do and I do think that, tragically, what we will experience over the next few weeks will highlight that the nature in which cyber attacks can have physical real-world consequences and can leverage kinetic events that could very much result in a loss of life of human beings.”


Product Suppliers
Back to top