Cyber warfare is usually waged in secret. In a world where borders and geography are of no importance, the main challenge is to take action and cause damage without leaving tracks and risking reprisal. That is how all the players operate. The professionals are more successful, the amateurs, less so.
According to a report released in the United States on Tuesday, however, Israel, a super-professional, changed the rules. Not only did it attack, but it also made sure that everyone knew it had done so. Not by mistake, or through over-enthusiasm or on a whim; Israel did it intentionally, as a challenge, even crudely. It apparently happened after several discussions and consultations, and even the Diplomatic-Security Cabinet, which no one usually pays attention to, was looped in and approved the move.
The Washington Post report about an Israeli cyberattack on Iran’s Shahid Rajaee Port was intended to send Tehran a clear message: watch out. We can assume that message was sent to decision-makers in Iran in this manner out of concern that the attack itself and its results might otherwise have been kept from them. They should know that the acts their satellites carry out can boomerang on Iran and cause massive damage.
The report was the peak of a series of events that began following an earlier report about an Iranian cyberattack on Israel’s water infrastructure.
The Iranians might not have managed to do any serious damage, but they crossed a dangerous line: The attack could have been an attempt to add chemicals to Israel’s water supply, or a biological attack. And given that this was vital civilian infrastructure, the attack could be seen as a declaration of war.
The immediate response, that was attributed to Israel, came in the form of an attack on Iran’s most important piece of civilian infrastructure: the country’s newest port, one of its most important points of entry and exit.
For two days, the port’s computers were offline, leading to massive delays in shipping and passenger traffic, as well as cargo loading and unloading.
The Iranians probably suspected that it was an Israeli attack, but the report on Tuesday, which included satellite images that had been provided to the paper, might have been designed to clear up any remaining ambiguity. Israel drew a line in the sand: civilian infrastructure is off-limits. If Iran tries such an attack again, Israel will do the same, and more powerfully.
It was no coincidence that The Washington Post was chosen as a platform for the message. It is one of the most important newspapers in the world, highly credible, and it has a far reach.
The message was primarily directed at Tehran, but the report was also aimed at officials in Washington. The exposure of the fact that the attack on Israel had used American servers was an attempt to paint Iran as an entity that flouts all laws and norms, even going so far as to target civilian infrastructure, which is supposed to be off-limits, and justify the U.S. administration keeping up its tough policy on Iran.
But this latest event should also be examined from other angles. Israel should ask itself questions about how secure its vital infrastructure is. Water infrastructure is supposed to be secured at the highest level, according to instructions from Israel’s Shin Bet security agency and the Israel National Cyber Directorate. It’s doubtful that every piece of infrastructure (electricity, water, oil, hospitals, banks, etc.) can be hermetically protected, but the attack was a wake-up call that at the very least should be thoroughly evaluated, especially since Iran demonstrated that it is more capable than it used to be.
That Iran opted to attack infrastructure that is clearly civilian should also be proved. Is this a new Iranian tactic that comes as a response to Israel’s ongoing strikes against the Quds Force in Syria, or a separate line of attack designed to open up a new front against Israel?
Israel and Iran have been waging a cyber war for some time now. Thus far, the best-known action attributed to Israel (and the United States) in this war is the taking down of Iran’s uranium-enrichment centrifuges at the start of the previous decade. Various reports have also attributed a series of other, lower-level, cyberattacks to Israel and the United States.
Now it appears that both sides have taken things up a notch. If until now attacks attributed to Israel and Iran took aim at military and defense targets, the open transition to the civil front takes things to a much more volatile point. Therefore, we can see Tuesday’s report as the moment the first cyber war officially began.
Yoav Limor is a veteran Israeli journalist and columnist for Israel Hayom.
This article first appeared in Israel Hayom.