Half of Turkey—44 of 81 provinces, 40
million people including those living in Istanbul and Ankara, suffered a
massive power outage that lasted a solid twelve hours. It happened on Tuesday,
March 31st.
It happened
because Iran wanted it to happen. The blackout in Turkey was caused by a cyber
hack that originated in Iran.
This cyber
attack was payback, a taste of what Iran has to offer. Everything went down.
Computers, airports, air traffic, traffic lights, hospitals, lights, elevators,
refrigeration, water and sewage, everything simply stopped. In an instant,
Turkey was transported back to the stone ages.
Attacks like
this one are caused by malware inserted into computers via an email or a thumb
drive that is attached to a computer that is somehow connected to the electric
grid. The invading codes respond to commands and are activated by a
message—often something as simple as an email. And it doesn’t even have to be
an opened email. The program can be automatic or it can be
controlled by an operator, it all depends on the type of hack. That’s how
sophisticated these attacks can be.
There is a reluctance to announce a
cyber hack. Bloomberg Business, on April 1st, cautiously wrote
about the attack on Turkey, “while the source of the problem is still unknown, a 2008 oil pipeline explosion in Turkey was
orchestrated via computer… demonstrates the increasing ability to penetrate systems.”
Those who know, know.
Iran wanted an apology for what they termed Prime Minister Erdogan’s “inappropriate and unusual response.” Turkey did not apologize. So Iran turned out the lights in Turkey.
As far back as September 27, 2013 The Wall Street Journal reported on an Iranian hack against US
naval computers. And this week the American Enterprise Institute and
the Norse Corporation (a cyber security company) released a study entitled “The
Growing Cyber Threat from Iran.” Iran’s cyber army has propelled itself
into one of the world’s best. They have become very good at their craft and
have probably inserted malware into the electric grids of many, many, other
countries—probably even the United States. Over the past twelve months we know
that Iran has successfully and repeatedly broken into the defensive systems
networks of several Western nations. These reports come from Debka, Israel National News, Breitbart and even the Pakistan Defense Forum.
USA Today, on December 2, 2014, described a highly sophisticated
coordinated hack that had just taken place and explained that Iran attacked 50
targets in 16 countries. Cylance a cyber security firm headquartered
in California called a different Iranian hack Operation Cleaver—named because
the word “cleaver” was repeated over and over again in the code. And an Iranian
hacker team responsible for other attacks has been nicknamed “Cutting
Kitty.” The kitten reference is an allusion to the Persian cat.
These events were all reported, although only lightly covered, in papers across
the US.
There is a timeline that can help us understand why Iran
decided to hack Turkey and why it happened when it did. It all began with Yemen
and Saudi Arabia’s coalition and bombing in Yemen. The Saudis were out there
confronting the Iranian-supported Houthi.
On March 26th Turkish President Erdogan defended the Saudi
bombings. “Can this be allowed?” asked Erdogan. “This is intolerable and Iran
must see this.” He was referring to Iran’s proxy involvement and sponsorship of
the Houthi, the rebel tribe that is intent upon taking over Yemen.
Little did the Turkish leader realize how great a sin he
committed by challenging Iran publicly. Four days later, on Monday, March 30th
the Turkish charge d’affaires to Teheran was summoned. The Iranian foreign
ministry spoke forcefully and forthrightly. They said: “We demand a clear and
convincing response.” Iran wanted an apology for what they termed Erdogan’s
“inappropriate and unusual response.”
Turkey did not apologize.
So Iran turned out the lights in Turkey. It was an almost
perfect timeline.
The Iranian team working on this and similar cyber attacks
is called the Ashiyane Digital Security Team. Ashiyane means “nest” in
Farsi. This team has such a reputation among hackers that there are
websites dedicated to their exploits and their hacks. The team chose
not to attack Turkey’s well guarded electric power system – instead, they hit
the distribution network. That was deliberate. In that
way Iran was able to shut down and then reopen the power sources when they
decided that the Turks had learned their lesson.
It is safe to assume that Iran has already infiltrated the
electric grids and other vital targets across Europe where cyber security is
often very lax. Like in Turkey, they probably have not insinuated their malware
into the various main reactors but instead have found the weakest of cyber
links which is the distribution side of the electric grid.
This attack on Turkey is the first time that Iran shut down
a country through a cyber attack. This kind of an attack can bring the enemy to
its knees very quickly. It was the first attack of its kind, I doubt it will be
the only attack.
No comments:
Post a Comment