Leading academics focus on situation in Iran and potential for cyber attacks

Leading academics at Cranfield University have made comment on the present situation in Iran where tensions are rising in the Gulf region following the drone strike ordered by President Trump that killed General Qasem Soleimani. Iran has responded by vowing revenge and announcing it will no longer abide by the restrictions in its 2015 nuclear deal.

Dr Anicée Van Engeland, senior lecturer in international security at Cranfield University, said: “Iranians haven’t been this unified in a long time with moderate, reformist Iranians falling behind conservatives in their condemnation of the US’ actions. The killing of General Solemani has given the two sides within Iran a common enemy and has become a rallying point for Iranians.”

Dr Van Engeland continued: “There has been much talk of Iran leaving the nuclear deal struck with the European Union (EU), but this is a trajectory it has been on since the US announced renewed sanctions against it. Rather than leaving, it’s a further scaling back of its commitments under Article 26 of the agreement. We have seen previously Iran’s Atomic Energy Organisation announce that they could scale up uranium enrichment for domestic nuclear energy supply and there could be a political decision to do this. There is now tremendous pressure on the UK and other EU countries who want to make the nuclear deal work while maintaining allied relations with the US.”

In addition, Dr Van Engeland stated: “Both international law and Islamic law allows for retaliation and self-defence in the event of an attack such as this, so the legal path for Iran to respond looks clear. The issue Iran now faces is both political and security-focused in nature. Iranians will insist on a response and there seems little doubt that some form of retaliation will happen through possibly a cyber or hybrid attack. The question is will the response delivered satisfy the population who are unified in their outrage and condemnation of the US’ actions?”

Threat of cyber attack

Dr Duncan Hodges, senior lecturer in cyber space operations at Cranfield University, commented: “Iran is a credible offensive actor in cyber space having moved in recent years to boost its military capability in this area. In the past, Iran relied on third party groups and supportive hackers to carry out attacks.”

He added: “Iran’s history of cyber attacks has been more destructive rather than manipulative. They have looked to destroy and degrade infrastructure and hardware, most notably in their recent large-scale attack on a Saudi oil refinery. They’ve also not traditionally been too worried about being identified after the event, using detection as a way in which to demonstrate their strength in this area.”

Dr Hodges concluded: “Offensive cyber activity has been used in the past to de-escalate tensions and avoid physical military engagement, such as in the US/Iran conflict in the Gulf of Oman last year. With the present conflict we could, for the first time, see cyber attacks used to escalate conflict.”

In his first public statement since Soleimani’s death, Prime Minister Boris Johnson asserted that the 62-year-old had been “responsible for a pattern of disruptive and destabilising behaviour in the region”. Speaking to the BBC, Johnson explained: “Given the leading role he has played in actions that have led to the deaths of thousands of innocent civilians and western personnel, we will not lament his death. It’s clear, however, that all calls for retaliation or reprisals will simply lead to more violence in the region and that’s in no-one’s interest.”

Johnson informed the BBC that the UK is “in close contact” with all sides to encourage the de-escalation of tensions across the Gulf region. Parliament will be updated on the latest developments when MPs return to Westminster on Tuesday 6 January following the Christmas break.

Stealing valuable information

Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, has commented: “I think that, in the near future, we will not observe major cyber attacks. Enemies of the US have already silently breached what they could, stealing valuable information including intelligence data, Intellectual Property and trade secrets. The majority of sophisticated Advanced Persistent Threats have already happened. Regrettably, their complexity often makes them undetectable and uninvestigable.”

Kolochenko continued: “Today, the attackers are unlikely to expose their invisible presence in compromised and ‘back-doored’ systems by inflicting highly destructive actions. Moreover, they probably have a crystal clear comprehension that such holistic activities will almost inevitably cause unprecedented trouble whether in a cyber or military context. The Western World has an immense capacity to ruin its adversaries in a cyber war, albeit not without collateral damage.”

In conclusion, Kolochenko added: “Obviously, a spiralling wave of unsophisticated attacks, including website defacements or primitive ransomware attacks, will probably target US citizens now. Most such attacks will, however, be undertaken by individuals related to Government structures. Therefore, American companies and individuals should be particularly vigilant in cyber space while this conflict goes on.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts