US and foreign officials suspect Israel to be behind the 9 May cyberattack on Iran’s port of Shahid Rajaee. The cyberattack obstructed shipping traffic at the facility for days, according to The Washington Post, citing unnamed sources.
Tel Aviv operatives are said to have conducted the attack in retaliation for an alleged attempt by Iranian hackers on 24 April to take down networks operating rural water distribution in Israel, according to the outlet, citing unnamed intelligence and cybersecurity officials said to be familiar with the matter. Iran has repeatedly denied responsibility for the attacks.
One foreign official told WaPo that the cyberattack was “highly accurate” and the damage was greater than what was announced by Tehran, claiming: “There was total disarray”.
A US official with access to classified files also suspects that Israel is responsible for the attack, according to WaPo.
The attack resulted in a miles-long traffic jams on main roads leading to the Shahid Rajaee port, according to 9 May dated satellite photographs seen by the newspaper. One photograph taken 12 May showed dozens of loaded container ships waiting offshore.
Dmitri Alperovitch, a cybersecurity policy fellow at Harvard's Belfer Center, and founder and former chief technology officer of cubersecurity firm CrowdStrike, told The Washington Post that the recent cyberattack on Iran’s port facility may be a response from Tel Aviv to the alleged Iranian attack on Israeli water distribution systems.
“Assuming it’s true, this is in line with Israeli policy of aggressively responding to Iranian provocation, either kinetically or through other means,” said Alperovitch. “Anytime you see Iranian escalation, as with their buildup of rocket capacity in Syria, you have consistently seen Israeli retaliation with bombing runs on those positions. So it appears they have now applied that doctrine in cyberspace.”
No official Israeli comment on the report has been given as, according to The Washington Post, the Israeli Defence Forces (IDF) and Israeli embassy have not responded to allegations of their responsibility.
On 10 May, Iranian officials confirmed reports that computers regulating shipping traffic at the port of Shahid Rajaee had been targeted in a cyberattack that “failed to penetrate the PMO’s systems and was only able to infiltrate and damage a number of private operating systems at the ports,” according to the newspaper.
In May, Tel Aviv accused Tehran of and condemned a cyberattack on Israeli civil water infrastructure said to have taken place on 24 April. The alleged attack was reportedly described by an Israeli official as a "significant escalation" by Iran that "crossed a red line", as it targeted civil facilities. Tehran has denied responsibility for the purported attack.