People are protesting against the death of General Qasem Soleimani while holding his portrait. After the killing of General Qasem Soleimani, commander of Quds Force by the US Army in Iraq, people throughout Iran and the city of Rasht mourned him on the streets.

The killing of Qassem Soleimani by the U.S. on Jan. 3 resulted in widespread speculation that Iran would retaliate with a forceful cyber attack, especially given its recent prodding of the U.S. electric grid. The FBI and Department of Homeland Security both issued warnings of a possible Iranian cyber attack. Iran has historically carried out retaliatory or punitive cyber attacks in response to foreign aggression, but it has become more reticent and strategic in its targeting in recent years. Thus far, the only malicious cyber activity connected to the killing has been a handful of website defacements — unsophisticated, low-impact attacks that could easily have been carried out by independent patriotic hackers or hooligans.

While the Saudi National Cybersecurity Authority has published a technical report overviewing a new, apparently Iran-originated malware named “Dustman” that was executed on Dec. 29, 2019, it appears not to be linked to the recent U.S.-Iran escalation. It was detonated prior to both the attack on the U.S. Embassy in Baghdad and the killing of Soleimani. ZDNet later reported that the target of the attack was Bapco, Bahrain’s national oil company, and that its impact was relatively limited.

As the dust begins to settle on the Soleimani flashpoint in U.S.-Iran tensions, the fear of an imminent Iranian cyber attack appears to be subsiding. However, Iran’s continued development of cyber capabilities and prodding of critical infrastructure targets remain serious risks. Tehran’s expanding disinformation capabilities and its cyber targeting of Donald Trump’s reelection campaign also make the specter of interference in the 2020 U.S. election quite grave. The Iranian pattern of “strategic patience” has evidently transferred to its cyber activity, justifying vigilance, but not panic.

 

Michael Sexton is a Fellow and the Director of MEI's Cyber Program.

Photo by Babak Jeddi/SOPA Images/LightRocket via Getty Images

The Middle East Institute (MEI) is an independent, non-partisan, non-for-profit, educational organization. It does not engage in advocacy and its scholars’ opinions are their own. MEI welcomes financial donations, but retains sole editorial control over its work and its publications reflect only the authors’ views. For a listing of MEI donors, please click here.