The United States reportedly conducted a cyberattack against Iran in the wake of last month’s strike on key Saudi oil facilities, which many Western countries have blamed on the Islamic Republic.
The late September attack took aim at Tehran’s ability to spread propaganda and affected physical hardware, the Reuters news agency reported Wednesday, citing two unnamed US officials.
“It highlights how [US] President Donald Trump’s administration has been trying to counter what it sees as Iranian aggression without spiraling into a broader conflict,” the report said. “The strike appears more limited than other such operations against Iran this year after the downing of an American drone in June and an alleged attack by Iran’s Revolutionary Guards on oil tankers in the Gulf in May.”
The report did not provide more details on the attack and said it wasn’t clear whether there have since been additional US cyberattacks against Iran.
The Pentagon refused to comment on the cyberattack, telling Reuters: “As a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning.”
The September 14 attack on Saudi oil installations claimed by Yemen’s Houthi rebels damaged a third of Saudi Arabia’s oil infrastructure and sent global energy prices soaring. Washington, Riyadh, Berlin, London and Paris blamed Iran for the attacks, which Tehran has denied having had any connection to.
The strike prompted the Pentagon to approve the deployment of 3,000 additional troops and military hardware to Saudi Arabia to boost the country’s defenses.
The reported US cyber offensive is the latest chapter in the US and Iran’s ongoing cyber warfare following Trump’s withdrawal from the 2015 nuclear agreement with Iran and stepping up of sanctions against the country.
Microsoft said earlier this month that it believed that hackers linked to the Iranian government had been targeting a US presidential campaign, as well as government officials, media targets and prominent expatriate Iranians.
Overall, the hackers attempted to penetrate 241 accounts — four successfully — though none of those penetrated was associated with presidential campaigns or current or past US officials, Microsoft said. A company spokeswoman declined to identify those targeted, citing customer privacy.
Reuters and The New York Times reported that the attacks targeted Trump’s reelection campaign, but that could not be independently confirmed.
A review of publicly available internet records by AP showed that the Trump campaign’s official website is linked to Microsoft’s email service.
The campaign website is the only major candidate’s site connected to Microsoft’s cloud email service, and his campaign has spent tens of thousands of dollars on the company’s products, Reuters said.
The New York Times report saying Trump was targeted cited two people with knowledge of the attacks who were not allowed to discuss them publicly, and said it wasn’t clear if the campaign had been compromised in any way.
In June, cybersecurity firms said Iran has increased its offensive cyberattacks against the US government and critical infrastructure as tensions have grown between the two nations.
Hackers believed to be working for the Iranian government have targeted US government agencies, as well as sectors of the economy, including oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity.
Iran has long targeted the US oil and gas sectors and other critical infrastructure, but those efforts dropped significantly after the nuclear agreement was signed in 2015. After Trump withdrew the US from the deal in May 2018, cyber experts said they have seen an increase in Iranian hacking efforts.
The US has had a contentious cyber history with Iran.
In 2010, the so-called Stuxnet virus disrupted the operation of thousands of centrifuges at a uranium enrichment facility in Iran. Iran accused the US and Israel of trying to undermine its nuclear program through covert operations.
Iran has also shown a willingness to conduct destructive campaigns. Iranian hackers in 2012 launched an attack against state-owned oil company Saudi Aramco, releasing a virus that erased data on 30,000 computers and left an image of a burning American flag on screens.
In 2016, the US indicted Iranian hackers for a series of punishing cyberattacks on US banks and a small dam outside of New York City.
Tensions have risen in the Persian Gulf since May last year when Trump unilaterally abandoned the nuclear deal between major powers and Iran and began reimposing crippling sanctions in a campaign of “maximum pressure.”
They flared again this May when Iran began reducing its own commitments under the deal and the US deployed military assets to the region.
Since then, ships have been attacked, drones downed and oil tankers seized. This month, twin attacks on Saudi oil infrastructure, which knocked out half the kingdom’s production, drew accusations of blame from Washington and Europe.
Tehran has denied any involvement in the attacks which were claimed by Iran-backed rebels fighting a Saudi-led coalition in Yemen.
AP contributed to this report.