WASHINGTON A former U.S. government official says American authorities firmly believe that Iranian hackers, likely supported by the Tehran government, were responsible for recent cyberattacks against oil and gas companies in the Persian Gulf and that they appeared to be in retaliation for the latest round of U.S. sanctions against the country.
The former official spoke
to The Associated Press shortly before Defense Secretary Leon Panetta,
in a speech to business leaders in New York City Thursday night, became
the first U.S. official to publicly acknowledge the computer-based
assaults. He called them probably the most destructive cyberattacks the
private sector has seen to date.
And while Panetta did
not directly link Iran to the Gulf attacks, he made it clear that the
U.S. has developed advanced techniques to identify cyberattackers and is
prepared to take action against them.
A U.S. official
said the Obama administration knows who launched the cyberattacks
against the Gulf companies and that it was a government entity.
agencies have been assisting in the Gulf investigation and concluded
that the level of resources needed to conduct the attack showed there
was some degree of involvement by a nation state, said the former
official. The officials spoke on condition of anonymity because the
investigation is classified as secret.
aggressors should be aware that the United States has the capacity to
locate them and hold them accountable for their actions that may try to
harm America," Panetta said in a speech to the Business Executives for
National Security. He later noted that Iran has "undertaken a concerted
effort to use cyberspace to its advantage."
chose his words carefully, one cybersecurity expert said the Pentagon
chief's message to Iran in the speech was evident.
not something where people are throwing down the gauntlet, but I think
Panetta comes pretty close to sending a clear warning (to Iran): We know
who it was, maybe you want to think twice before you do it again," said
cybersecurity expert James Lewis, who is with the Center for Strategic
and International Studies. "I think the Iranians will put two and two
together and realize he's sending them a message."
said Panetta's remarks were an important step by the U.S., because the
Iranian cyberthreat "is a new dimension in 30 years of intermittent
conflict with Iran for which we are ill-prepared. It's really important
to put them on notice."
The cyberattacks hit Saudi
Arabian state oil company Aramco and Qatari natural gas producer RasGas
using a virus, known as Shamoon, which can spread through networked
computers and ultimately wipes out files by overwriting them.
defense officials said the information was declassified so that Panetta
could make the public remarks. The officials added that the Pentagon is
particularly concerned about the growing Iranian cyber capabilities, as
well as the often discussed threats from China and Russia. The two
officials spoke on condition of anonymity because they were not
authorized to discuss the cyberthreats publicly.
speech, Panetta said the Shamoon virus replaced crucial system files at
Aramco with the image of a burning U.S. flag, and also overwrote all
data on the machine, rendering more than 30,000 computers useless and
forcing them to be replaced. He said the Qatar attack was similar.
offered no new details on the Pentagon's growing cyber capabilities or
the military rules of engagement the department is developing to guide
its use of computer-based attacks when the U.S. is threatened.
said the department is investing more than $3 billion a year in
cybersecurity to beef up its ability to defend against and counter
cyberthreats, including investment in U.S. Cyber Command. And the
Pentagon is honing its policies so that any actions comply with the law
of armed conflict.
"Our mission is to defend the nation.
We defend. We deter. And if called upon, we take decisive action to
protect our citizens," he said.
He added, however, that
the department will not monitor American citizen's personal computers,
or provide for the day-to-day security of private or commercial
Panetta used the Persian Gulf attacks in his
remarks as a warning to the business community that it must embrace
stalled legislation that would encourage companies to meet certain
cybersecurity standards. And he is endorsing a planned move by President
Obama to use his executive powers to put some of those programs,
including voluntary standards, in place until Congress is able to act.
attacks mark a significant escalation of the cyber threat," Panetta
said. "And they have renewed concerns about still more destructive
scenarios that could unfold."
U.S. authorities have
repeatedly warned that foreign Internet hackers are probing U.S.
critical infrastructure networks, including those that control utility
plants, transportation systems and financial networks.
know of specific instances where intruders have successfully gained
access to these control systems," Panetta told the business group. "We
also know that they are seeking to create advanced tools to attack these
systems and cause panic and destruction, and even the loss of life."
leaders, including the U.S. Chamber of Commerce, were opposed to the
legislations, arguing it would expand the federal government's
regulatory authority companies already struggling in the tough economy.
The bill also encourages more information sharing between the government
and private companies.
Panetta pressed the group to
support the stronger cybersecurity measures, warning that failure to do
so could have catastrophic consequences.
September 11, 2001 the warning signs were there. We weren't organized.
We weren't ready. And we suffered terribly for that lack of attention,"
said Panetta. "We cannot let that happen again. This is a pre-9/11