Defense Secretary Leon E. Panetta’s pointed warning that the United States will strike back against a cyberattack underscores the Obama administration’s rising concern that Iran could be the first country to unleash cyberterrorism on America.
Mr. Panetta’s unusually strong comments last week came as former U.S. government officials and cybersecurity experts said the United States thinks Iranian-based hackers were responsible for cyberattacks that devastated computer systems of Persian Gulf oil and gas companies.
Unencumbered by diplomatic or economic ties that restrain other nations from direct conflict with the United States, Iran is an unpredictable foe that national security experts contend is not only capable but willing to use a sophisticated computer-based attack.
Mr. Panetta made it clear that the military is ready to retaliate — though he didn’t say how — if Washington believes the nation is threatened by a cyberattack, and he made it evident that the United States would consider a pre-emptive strike.
“Iran is a country for whom terror has simply been another tool in their foreign policy toolbox, and they are a country that feels it has less and less to lose by breaking the norms of the rest of the world,” said Stewart Baker, former assistant secretary at the Department of Homeland Security and now in private law practice.
“If anybody is going to release irresponsible, unlimited attacks, you’d expect it to be Iran.”
National security experts have long complained that the administration should be more open about what the military could and would do if the United States were to be the victim of cyberattacks. They argue that such deterrence worked in the Cold War with Russia and would help convince would-be attackers that an assault on America would have dire consequences.
Mr. Panetta took the first steps toward answering those critics in a speech that analysts said was a thinly veiled warning to Iran and the opening salvo in the campaign to convince Tehran that any cyberattack against America would trigger a swift and deadly response.
“Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests,” he said in a speech in New York to the Business Executives for National Security.
The presumed Iranian cyberattacks hit the Saudi Arabian state oil company Aramco and Qatari natural gas producer RasGas using a virus, known as Shamoon, which can spread through computers networks and ultimately destroy files by overwriting them.
In his speech, Mr. Panetta said the Shamoon virus replaced crucial system files at Aramco with the image of a burning U.S. flag. He said it also overwrote all data, rendering more than 30,000 computers useless and forcing their replacement. He said the Qatar attack was similar.
“This one worries me,” said Richard Bejtlich, chief security officer for the Virginia-based cybersecurity firm Mandiant.
“I’m not an alarmist, but when I saw that 30,000 computers at Saudi Aramco got just deleted, that was a big deal. You don’t see the Chinese government, you don’t see the Russian government, or even their patriotic hackers go out and delete anything, for the most part.”
From the Iranians’ point of view, however, attacks against the United States may be justified because they have been hit hard by American sanctions leveled on their country because of its suspected nuclear weapons program.