Iran's cyber attack on billionaire Adelson provides a lesson on strategy



(Bloomberg) – With the U.S. waiting for a possible retaliation for a recent airstrike that killed a general, there is at least one American businessman who can provide detailed evidence of what happened after provoking Iran.

In October 2013, Sheldon Adelson, the casino tycoon and prominent supporter of conservative politicians and Israel, appeared on a panel discussion in New York where he suggested that the US send a message to Iran about its nuclear ambitions by detonating an American warhead bring middle of the Iranian desert.

"You want to be wiped out? Take a tough position, ”said Adelson, who later became a key supporter of President Donald Trump. His comments angered Iranian Supreme Leader Ayatollah Ali Khamenei, who said two weeks later that America should "punch those contemptuous people in the mouth".

Months later, in February 2014, hackers injected malware into Adelson's Las Vegas Casino computer networks. The dying cyber attack devastated about three quarters of the company's servers in Las Vegas. The cost of restoring data and building new systems is at least $ 40 million.

A year after the attack, the leading U.S. intelligence agency confirmed that Iran was behind it.

Now that Iran is taking revenge for the airstrike, the US is facing an aggressive opponent in which digital warfare is one of the best options to act directly against the American people. In the years since the Sands incident, Iranian hackers have continued to target and target a US presidential campaign, universities, journalists, and even a dam in a suburb of New York.

"I am sure that Iranians will ask their hackers for a list of options," said James Lewis, senior vice president of the Strategic and International Studies Center in Washington, who oversees the Policy Research Group's cyber security program. "Cyber ​​attacks can be tempting if they find the right American target."

Milan Patel, former chief technology officer of the FBI's cyber department, said he was concerned about what might come next as Iran showed interest in targeting critical infrastructure. "Power generation like hydropower and electricity can do the most damage here," said Patel, now chief client officer of cyber security company BlueVoyant.

A representative from Las Vegas Sands Corp. has not returned a message looking for a comment.

Iran is hardly the only cyber opponent in the United States. China has reportedly stolen so much intellectual property from US companies, including through hacking, that FBI director Christopher Wray accused the country of "finding our way up at our expense".

Cyber ​​attacks can also be used to disrupt millions. In a computer-dependent world, hackers can clog ports, close transport networks and open dams.

Iran has shown its willingness to use this type of digital attack against some of the largest banks in the United States, the world's best oil producers and Adelson's casino empire.

Destructive attacks

Cyber ​​opponents, including Iran, have generally targeted attacks that are unlikely to get a response from the United States' own powerful cyberware arsenal.

Evidence of a possible retaliation for the US drone attack emerged on late January 4, when the website for the little-known US Federal Depository Library program was hacked and defaced with "pro-Iranian anti-US". Messaging, ”confirmed a spokesman for the Cybersecurity and Infrastructure Security Agency. The page has since been removed.

"There is currently no confirmation that this has been done by Iranian state-sponsored actors," said a statement by the CISA, part of the Ministry of Internal Security.

The FDLP is a government agency created to make federal publications available to the public free of charge.

Tit-for-Tat fears

Given the heightened tensions, a major digital strike by Iran could trigger the kind of escalating strikes that are throwing both sides to the brink of war. It is widely believed that the U.S. is capable of shutting down power grids, disrupting air traffic, and causing havoc in ports solely through digital strikes. Cyber ​​security experts say Iran's hackers and digital weapons are less mature, but the number of U.S. targets available to them is huge.

The U.S.-Iran digital feud dates back more than a decade when a devastating digital worm called Stuxnet shut down an Iranian uranium processing plant. This attack has been attributed to the United States and Israel by several media.

In response to this, Iranian hackers launched attacks in 2011 that overwhelmed the websites of Bank of America Corp., Wells Fargo & Co., and others over a period of months. Ultimately, the attacks were little more than an inconvenience to online customers, but financial institutions spent millions of dollars to keep their websites up and running for the duration of the attacks.

learning phase

These early Iranian attacks are now considered part of a learning phase as the country's hackers have worked to keep up with the sophistication of other cyber powers before focusing on physical infrastructure such as pipelines and dams.

In 2013, Iranian hackers violated a small dam's control system in Rye, New York, according to a federal indictment. While the hackers managed to gain access to the dam's systems, which enabled them to see information such as the water level and the dam's settings, they could not operate the water level control gate because it was manually disconnected for maintenance purposes. It is not known whether the Iranian hackers intended to release water from the dam.

More recently, hackers related to the Iranian government have attempted to infiltrate email accounts of a US presidential candidate, current and former US officials and journalists, Microsoft Corp. reported. in the past year. The New York Times and Reuters reported that President Trump's re-election was targeted.

While the presidential campaign was not among the compromised, this and the many other attempted violations have brought experience to a group of hackers who may now need to take revenge on the United States.

Norman Roule, a former CIA official who also served as Iran's national intelligence manager, said cyber attacks are almost certain to increase in the coming months. Iran's cyber strategy is likely to pursue three goals: to punish the United States, to prevent the United States from future attacks, and to give Iran the opportunity to save its face.

Lewis from the Center for Strategic and International Studies said that if Iranians choose to take revenge on a cyber attack, they are likely to want "something dramatic" in choosing a target.

"The big question is: will they do something symbolic like the bank attacks?" He said. "Or are you trying both symbolically and annoyingly, as they did with Sands?"

(Updates with details of the illegible US website in paragraph 14.)

– With the support of Ryan Gallagher.

Contact the reporters of this story: Alyza Sebenius in Washington at, Kartikay Mehrotra in San Francisco at, William Turton in New York at

Contact the editors responsible for this story: Andrew Martin at, Virginia Van Natta

<p class = "Canvas-Atom Canvas-Text Mb (1.0em) Mb (0) – sm Mt (0.8em) – sm" type = "text" content = "For more articles like this please visit us at"data-reactid =" 48 "> You can find more items of this kind at

© 2020 Bloomberg L.P.