Cyber Command Should Tap on Iran’s Windows

The Biden administration wants to avoid the Israel-Hamas war sparking a wider regional conflict, but Iran hasn’t gotten the message. While U.S. intelligence claims Iran wants to avoid a larger war with Israel, Hezbollah fires an increasing number of rockets and missiles at Israel, hoping to spark a response. Meanwhile, the Houthis in Yemen launch missiles and drones at Israel. Other Iranian proxies in Iraq and Syria attack U.S. forces with increasing frequency.

White House warnings and airstrikes in Syria haven’t convinced Iran to change course, so perhaps it’s time to send in the nerds to remind Iran of the full scope of American power. The U.S. government could again employ sanctions to starve the Iranian regime of the cash to fund terror proxies and internal repression but, with a couple carefully placed keystrokes, it could go further.

Cyber Command boasts of its “hunt forward” missions when it deploys teams overseas to work alongside U.S. allies and partners to rid their networks of malicious activity and secure partner critical infrastructures. Cyber Command is tight-lipped, though, about its offensive cyber operations.

Public reporting has revealed only a handful of operations over the past five years, including an effort to deter Russian cyber interference in the 2018 midterm elections. At the time, Cyber Command tapped on the windows of Russian hackers involved in such cyber interference to demonstrate their knowledge of Russia’s operations. On Election Day and for a few days after, Cyber Command blocked their internet access. The operation threw enough sand in the gears to thwart disinformation campaigns. Had it not been for this operation, there “would have been some very serious cyber-incursions,” Sen. Mike Rounds (R-S.D.) said at the time.

In 2019, in response to Iran shooting down a U.S. RQ-4 Global Hawk surveillance drone, then-President Donald Trump approved an offensive cyber operation to disable the Iranian computer systems used to plan attacks on oil tankers in the Persian Gulf.

Cyber Command should send a similar message today to compel Tehran to reign in their regional proxies including Hezbollah.

Cyber Command knows a great deal about how Iran operates in cyberspace. Every day, U.S. operators thwart adversarial efforts to undermine U.S. national security. In addition, earlier this year, Cyber Command helped Albania excise Iran from its networks after Tehran launched a devastating ransomware attack because Albania provides refuge to an Iranian dissident group. Armed with that operational knowledge, its action could be subtle.

Cyber Command could turn off and on the regime’s internet access, signaling in Morse code “We see you” or temporarily garble the regime’s bank accounts. While there is no shortage of targets in the Islamic Republic, Cyber Command hint how deeply U.S. operators have penetrated Hezbollah’s online networks.

Such actions show American strength. They warn, but do not risk war. Could Iran retaliate in kind? Certainly. Last month, the FBI director warned that if the war expands, Iran may conduct cyberattacks again American businesses. This is why it is essential to remind the Islamic Republic: Anything they do, we can do better.

If Cyber Command can effectively communicate the message, the American public may never know. Iran may simply watch from the sidelines as Israel destroys Hamas, and only the White House and our closest allies will know why. While Cold War deterrence often utilized public displays of conventional and nuclear weapons capabilities, quiet messages in computer code can be just as effective.

Rear Adm. (Ret.) Mark Montgomery is the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies (@FDD) and former executive director of the congressionally mandated Cyberspace Solarium Commission. He served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer. Annie Fixler is the director of CCTI and FDD research fellow. FDD is a Washington, DC-based, nonpartisan research institute focusing on national security and foreign policy.