Israel’s cyberattack on Iran’s largest port earlier this month, reported Monday to have caused massive disruptions to its operations, in fact caused only minor damage — and by design — The New York Times reported Wednesday.
Israel has refused to officially comment on the report, which cited US and other foreign officials as saying Israel was likely behind the computer attack.
Shahid Rajaee Port, in the southern Hormozgan Province, is located some 25 kilometers (15 miles) from the city of Bandar Abbas. It is also known as the port of Bandar Abbas.
Israel has long accused Iran of using the port for military purposes to aid terrorists elsewhere in the Middle East, including the Jewish state’s foes Hamas and Hezbollah, with the IDF intercepting some of the shipments.
The Times on Wednesday said Israel was indeed behind the attack but cast doubt on its scale, citing “high-ranking intelligence officials and experts in the Middle East who are kept informed of covert Israeli actions in the region.”
“The attack on the computer systems at the Shahid Rajaee port in the strategically important Strait of Hormuz was limited in scope, creating traffic jams of delivery trucks and some delays in shipments, but causing no substantial or lasting damage,” the report said.
The attack was apparently in response to an alleged Iranian attempt to hack into Israel’s water infrastructure system. Israel’s high-level security cabinet held a secret meeting to discuss a response to the hack attack on May 7, according to Channel 13 news, and regarded the attempt to damage its water system, a non-military target, as crossing a red line.
Israeli officials originally did not even think the Iranian attack warranted a response, according to the Wednesday report, and the retaliation was pushed by now-former defense minister Naftali Bennett, who also ordered that it be leaked to international media.
According to the report, the port has been hobbled by US-led sanctions on Iran and currently only handles 20 ships a month at most. It was specifically chosen as a non-central target with the goal of sending a message more than to inflict actual damage, the report said.
However, as of several years ago, before sanctions decimated Iran’s economy, the port was by far its largest and most strategically important. It accounts for some 60 percent of all the country’s port activity, Mohammad Saeednejad, the former managing director of Ports and Maritime Organization of Iran, said in 2017.
“The significance of the port lies in the fact that it is located at the mouth of the Strait of Hormuz where nearly 50,000 vessels of different countries sail annually,” he told Iran’s ILNA news agency at the time.
Saeednejad added that between March 2016 and March 2017, exports from the port totaled some 44 million tons of goods worth more than $11.14 billion, and imports totaled nearly 10 million tons worth $18.65 billion.
Iran has also claimed that the attack caused significantly less damage than originally reported by the Washington Post.
On Tuesday, the country’s Tasnim news agency quoted an unnamed official as claiming that no major disruptions were caused at the port, and that civil defense units had been able to mostly thwart the attack “due to their timely and effective response to the infiltration attempt.”
The report also quoted Mohammad Rastad, the current managing director of the Ports and Maritime Organization of Iran, as saying that the hack didn’t damage any of its systems but “was only able to infiltrate and damage a number of private operating systems at the ports.”
Satellite images of the port on May 11 and May 12 taken by Planet Labs and seen by The Times of Israel appeared to show a large number of ships idling off the port and a buildup of containers on dry land, days after the alleged Israeli cyberattack.
Israel’s security firms and agencies have reportedly been preparing for a potential Iranian or Iran-linked cyberattack in response to the attack on the port.
Security officials on Tuesday instructed agencies and sensitive facilities to raise their awareness and preparedness for the option of a retaliatory cyberattack as part of an apparent new tit-for-tat war, Hebrew-language media reported.
Army chief Aviv Kohavi on Tuesday hinted at Israel’s role in the cyberattack, saying the IDF would continue to use “various military tools” against the country’s enemies.
While it is not unusual for politicians to insinuate Israeli involvement in attacks on Iran and terror groups, it is less common for senior IDF officers — who tend to maintain a policy of ambiguity regarding the military’s activities abroad — to do so.
On Tuesday, the former head of IDF Military Intelligence, Amos Yadlin, said the Iranian cyberattack on water facilities, which failed to cause significant damage, appeared to be in response to recent Israeli airstrikes against Iran’s forces and proxies in Syria.
A security official, who spoke on the condition that his identity and nationality not be revealed, told The Washington Post that the attack caused “total disarray” at the port.
“Computers that regulate the flow of vessels, trucks and goods all crashed at once, creating massive backups on waterways and roads leading to the facility,” the Post reported, adding that it had seen satellite photos showing miles-long traffic jams leading to the port and ships still waiting to offload several days later.
Iran later acknowledged that an unknown foreign hacker had briefly knocked the port’s computers offline.
The response appeared to indicate that Israel has adopted a “tit-for-tat” strategy in responding to Iranian cyber warfare, like that already used by the Israeli military with physical, or kinetic, attacks, an Israeli official said.
“The cyberattack on the [Shahid Rajaee port] in Iran was an Israeli response to the cyber attack that [the Iranians] carried out against Israel two weeks before against Mekorot [national water company] components — an attack that failed,” the official told Channel 12 news, on condition of anonymity.
“Israel hopes that [the Iranians] stop there. They attacked water infrastructure components. They didn’t really cause damage — but they crossed a line and [Israel] needed to retaliate,” the official said.
Iran — whose regime avowedly seeks the Jewish state’s destruction — and Israel have engaged in covert cyber-warfare for over a decade, including reported efforts by the Jewish state and US to remotely sabotage the Islamic Republic’s nuclear program in 2010 using an advanced cyber weapon known as Stuxnet.
Agencies contributed to this report.