February 18, 2014
Less than a week after Obama showed off the government’s “cybersecurity framework” and “best practices guide for banking, defense, utilities and other industries to help protect themselves against attacks by hackers,” the Wall Street Journal reports the supposed Iranian hack of the Navy’s largest unclassified computer network was more serious than originally reported.
The fresh round of details about the alleged attack initially reported last September raised the hackles of some lawmakers, according to Fox News. They will confront Obama’s choice to head up the NSA, Vice Adm. Michael Rogers, when he comes up for confirmation hearings, possibly next month. The Wall Street Journalreports today Rogers will be grilled on whether there is a long-term plan to address security gaps exposed by the attack.
Fox News believes the incident will not prevent Rogers from being confirmed as NSA director.
According to the Navy, the Iranians hacked into the Navy Marine Corps Intranet, described as an unclassified network used by the Department of the Navy to host websites, store nonsensitive information and handle voice, video and data communications. The Navy says the network has 800,000 users at 2,500 locations.
“It was a real big deal,” a senior U.S. official told the newspaper. “It was a significant penetration that showed a weakness in the system.”
The Journal said U.S. defense officials were taken aback by the skill of the Iranian hackers who were allegedly able to gain access to the network through a security weakness in the public-facing website.
The Navy admits no data was stolen or email accounts compromised. It said, however, that the Iranians were able to conduct surveillance.
If the intrusion is in fact true, it may be viewed as a response to the Stuxnet virus developed jointly by the United States and Israel. According to author David Sanger (Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power), the computer virus was inserted in an air-gaped network located at the Natanz refining facility in Iran.
Initially used to map the facility’s network for the NSA, the code was designed to attack Iran’s nuclear centrifuges. It nearly destroyed one-fifth of them. The virus eventually infected computers located in Indonesia, India, Azerbaijan, Pakistan, the United States and elsewhere.
Iranian Ambassador Hossein Moussavian said during an appearance at the Center for National Security at Fordham Law School the Stuxnet attack prompted Tehran to develop its own cyberwar capability. “The U.S., or Israel, or the Europeans, or all of them together, started war against Iran,” he said. “Iran decided to have… to establish a cyber army, and today, after four or five years, Iran has one of the most powerful cyber armies in the world.”
In January, 2013 U.S. government officials claimed Iran attacked U.S. bank networks in retaliation for economic sanctions imposed on the country in response to Iran’s alleged yet unproven effort to develop a nuclear weapon.
“There is no doubt within the U.S. government that Iran is behind these attacks,” James A. Lewis, a former official in the State and Commerce Departments and a computer security expert at the Center for Strategic and International Studies in Washington, told The New York Times.
In February, Iran’s PressTV accused the United States of exaggerating the threat of cyber attacks. “In the background of this the US has disclosed that it is creating 13 teams of covert hackers to carry out cyber attacks against other countries,” the Iranian government website reported. “The chief of the National Security Agency (NSA) said the teams are offensive in nature and will defend the country against attacks in cyber space.”
Bruce Schneier and other security experts believe the cyber war threat is greatly exaggerated. He warned in 2011 increased and often hysterical rhetoric about the threat of cyber war will result in increased militarization of the internet.
According to Lee Tien of the Electronic Frontier Foundation, the problem with the so-called threat of a cyber war is “an element of fear mongering that seems deceptive and more rhetorical than real. Since the discussion is classified and framed in a militarized context, we have no way of knowing what the real concerns are.”
This caution should be used when the Pentagon and U.S. officials, who have a long history of deception and lying, report Iran or any other officially designated enemy is engaged in hacking or cyber attacks, especially when legislation is pending on public-private collaboration on network security.