The alleged US attacks against Iran's internet infrastructure appeared to have been weak enough for officials to have found it necessary to leak their occurrence to the press, independent Finnish cybersecurity analyst Petri Krohn has suggested.
“The leaks to Reuters seem to imply that US submarines have damaged an undersea internet cable from Iran. If this attack happened, it should have been noticed by websites that monitor internet traffic. Then again, the attack could be simply ordering Facebook to close 1,000 Iranian and pro-Iranian Facebook accounts,” Krohn explained.
“Iran claims they have not noticed any cyberattack in September. Evidently the attack, if it actually happened, was too weak for anyone to actually notice. This explains the need to leak to the press. An attack that no one notices is as useless as no attack at all,” the observer noted.
According to Krohn, the decision to resort to cyberattacks against Iran's internet infrastructure actually suggests that neither Washington nor Riyadh really believe that Iran was responsible for the 14 September drone attacks on the Saudi oil facilities in Abqaiq and Khurais.
“If the US or Saudi Arabia actually believed Iran had launched the Aramco attack, then we would see a much stronger response,” he suggested. “On the other hand, Iran has said any unprovoked attack on Iran will lead to a full-blown retaliation against US and Persian Gulf targets,” he added.
According to Reuters’ sources, the Iran cyberattack targeted physical hardware. The sources did not provide any further details. Neither Iranian nor US officials have commented on the alleged attack.
Yemen’s Houthi militia movement claimed responsibility for the Aramco attacks. However, the US and Saudi Arabia have claimed that Iran was responsible. Iran has denied the claims, and accused the US of thinking up a policy of “maximum deceit” to replace its previous “failed” policy of “maximum pressure”.
Krohn suggested that Washington and its European allies were “lying” in accusing Iran of being responsible for the Aramco attacks. “The cruise missiles and drones came from Yemen. The types of missiles are only known to be possessed by the Yemeni Armed Forces and have been used in previous Yemeni attacks on Saudi Arabia,” he explained.
“The engines used by the missiles are of foreign origin. The TJ100 turbojet engine used by the Quds-1 cruise missile is a Czech design. The DR-208 Wankel engine used by the unnamed delta-winged drones is of Chinese origin. Both engine types have been reverse-engineered and produced in Iran. Most likely Iran gave blueprints to Hezbollah, who gave them to the Houthis. Yemen is under siege by Saudi and US forces, so it would be practically impossible for Iran to export missiles to Yemen,” Krohn specified.
The September 14 attacks seriously damaged two major Saudi Oil processing facilities, and knocked out some 5.7 million barrels a day in Saudi oil output, approximately half of the total. Last week, Saudi Aramco announced that it plans to return to full capacity by late November. The Houthi militia have threatened more attacks against Saudi targets unless Riyadh and its allies end their ongoing military campaign in the war-torn country. The Houthis have launched dozens of attacks on Saudi infrastructure, military facilities and population centres in recent years. Saudi Arabia and a coalition of mostly Gulf allies began an operation in Yemen in March 2015 in a bid to restore the country’s ousted president.