The bogus texts received recently appeared to be timed to coincide with the missile strikes, representing a novel combination of digital and physical attacks, said Gil Messing, chief of staff at Check Point Research, a cybersecurity firm with offices in Israel and the U.S.
“This was sent to people while they were running to shelters to defend themselves,” Messing said. “The fact it’s synced and at the same minute … is a first.”
The digital fight is likely to persist even if a ceasefire is reached, experts said, because it’s a lot easier and cheaper than conventional conflict and because it is designed not to kill or conquer, but to spy, steal and frighten.
While high in volume, most of the cyberattacks linked to the war have been relatively minor when it comes to damage to economic or military networks. But they have put many U.S. and Israeli companies on the defensive, forcing them to quickly patch old security weaknesses.
Investigators at the Utah-based security firm DigiCert have tracked nearly 5,800 cyberattacks so far mounted by nearly 50 different groups tied to Iran. While most of the attacks targeted U.S. or Israeli companies, DigiCert also found attacks on networks in Bahrain, Kuwait, Qatar and other countries in the region.
Many of the attacks are easily thwarted by the latest cybersecurity precautions. But they can inflict serious damage on organizations with out-of-date security and impose a demand on resources even when unsuccessful.
Then there’s the psychological impact on companies that may do business with the military.
“There are a lot more attacks happening that aren’t being reported,” said Michael Smith, DigiCert’s field chief technology officer.
It’s similar to a lot of the cyberattacks linked to pro-Iran hackers: splashy and designed to boost morale among supporters, while undermining the confidence of the opponent but without much impact to the war effort.
Smith said these high-volume, low-impact attacks are “a way of telling people in other countries that you can still reach out and touch them even though they’re on a different continent. That makes them more of an intimidation tactic.”
Iran is likely to target the weakest links in American cybersecurity: supply chains that support the economy and the war effort, as well as critical infrastructure like ports, rail stations, water plants and hospitals.
Iran also is targeting data centers with both cyber and conventional weapons, showing how important the centers have become to the economy, communications and military information security.
The hackers never demanded a ransom, suggesting they were motivated by destruction and chaos, not profit.
AI can be used both to increase the volume and speed of cyberattacks as well as allow hackers to automate much of the process.
But it’s disinformation where AI has really demonstrated its corrosive impact on public trust. Supporters of both sides have spread bogus images of atrocities or decisive victories that never happened. One deepfake image of sunken U.S. warships has racked up more than 100 million views.
Authorities in Iran have limited internet access and are working to shape the view Iranians receive of the war with propaganda and disinformation. Iranian state-run media, for instance, has begun labeling actual footage of the war as fake, sometimes substituting its own doctored images, according to research at NewsGuard, a U.S. company that tracks disinformation.
Heightened concerns about the risks posed by AI and hacking prompted the State Department to open a Bureau of Emerging Threats last year focused on new technologies and how they could be used against the U.S. It joins similar efforts already underway at agencies including the Cybersecurity and Infrastructure Security Agency and the National Security Agency.
AI also plays a role in defending against cyberattacks by automating and speeding the work, Director of National Intelligence Tulsi Gabbard recently told Congress.
The technology, she said, “will increasingly shape cyber operations with both cyber operators and defenders using these tools to improve their speed and effectiveness,” Gabbard said.
