Hello!
I hope your February inbox wasn’t too lonely in the brief absence of Hooked! It wasn’t for lack of cyber news to cover – I was simply a tad busy with the annual Binding Hook-Munich Security Conference Essay Prize Competition (read the winners here!) and suddenly, that shortest of months was over. But anyway, the United States and Israel have returned to bombing Iran, and I’ve returned to writing.
Some sources are claiming the initial attack coincided with the ‘largest cyberattack in history’, though that particular Jerusalem Post article cites NetBlocks showing internet connectivity at 4% as proof – NetBlocks, meanwhile, describes the shutdown as a ‘regime-imposed nationwide internet blackout’, silencing Iran’s own population. They also note that the Iranian government took similar measures during last June’s war and during an internal crackdown just a few weeks ago, during which thousands of protesters, likely tens of thousands, were killed. Those previous experiences allowed some activists and journalists to prepare – by smuggling in Starlink terminals.
The Post isn’t alone here; in addition to disinformation for strategic ends, we now have to deal with fake engagement bait, created for purely financial ends. Monetised accounts on X were sharing so much disinformation, AI-generated and good ol’ video game footage, that X actually took (minor) steps to address the problem.
This does nothing to stop the third category of disinformation: AI slop that just exists to exist, like videos of Emirati skyscrapers in flames that are not only AI-generated but also (falsely) verified by AI chatbots like Grok as real. Unsurprisingly – in line with their broader free-speech-limiting approach to cybercrime – Dubai is working to ensure that too is banned: the police have shared several PSAs noting that, ‘Sharing rumors, false information, or any content that contradicts official announcements or that may cause public panic or threaten public safety, order, or health is prohibited’ and can result in high fines and ‘imprisonment for no less than two years’.
Anyway, fake footage of missiles and unsourced cyberattack hyperbole seem rather unnecessary, given the considerable and very real physical and digital elements of the attack and Iran’s responses. For example, Israel reportedly used ‘mountains of data’ from hacked traffic cameras and mobile phone networks to map Ayatollah Ali Khamenei’s associates’ patterns and networks, allowing them to know exactly where he would be on the fateful morning – and to interfere with phone signals at the critical moment, preventing warnings from reaching him. But for all that, the most concrete information on Khamenei’s whereabouts allegedly came from a US human source.
For more on the use of data in modern war, read Andrea Gilli, Mauro Gilli, and Niccolò Petrelli’s argument in Binding Hook that ‘data really is the new ammo’.
Meanwhile, everyone from Google to the UK National Cyber Security Centre is warning of increased cyber risk from Iran. A surge in GPS jamming attacks targeting ships in the Strait of Hormuz seems rather like it might have Iranian fingerprints on it, Iran seems to have ramped up targeting of cameras in the region, while Jordan claims to have prevented an Iranian cyberattack on food storage systems. There have also been attacks on digital infrastructure, including drone strikes on several Amazon Web Services data centres in Bahrain and the UAE, which led to serious regional disruptions and a challenge to Gulf state dreams of becoming a global centre for AI.
Read more on Iran’s capacity for cyber sabotage in Aleksandar Milenkoski, Jiro Minier, Julian-Ferdinand Vögele, Max Smeets, and Taylor Grossman’s Binding Hook piece examining state uses of ransomware.
The Israelis also apparently used cyberattacks (among other tools) to disable air defenses and hacked a prayer app to send messages urging defection and revolt. In an infographic titled ‘Operation Epic Fury First 24 Hours’, the US Department of Defense listed equipment used, including ‘EA-18G electronic attack aircraft’, ‘F-18 fighter jets’, ‘and special capabilities we can’t list here!’
The US Cyber Command – with a bit more detail than was shared about January’s Venezuela operation – has taken credit for disrupting communications and sensor networks, leaving Iran ‘without the ability to see, coordinate or respond effectively’. The US has also apparently been using Anthropic’s Claude AI model for intelligence gathering, simulations, and targeting – ‘quicker than the speed of thought’ (although with a greater propensity to hallucinate?).
Claims that Israel ‘knew Tehran like we know Jerusalem’ and of precision munitions able to hit a target as small as a dining table from 1,000 km away make the bombing of a girls’ school in Minab, Iran – approximately 168 people reported killed, mostly girls between the ages of 7 and 12, in an area the US was targeting – somehow more horrifying. Is it possible this was the first AI-enabled massacre? Was the school a location posing an imminent threat? Or is ‘precision’, despite all our technological advances, a lie we allow ourselves to be told, and is this just a little more of the same collateral damage we’ve been inflicting on the region for longer than I’ve been alive?
The question of collateral damage is often a question of the means justifying the ends, but here, at least, we’re left to wonder toward what end we’re working. US authorities have said the goal is regime change, the goal is the destruction of Iran’s nuclear programme, the goal was just to prevent Iran from attacking us after Israel attacked them, maybe the goal is to ensure Donald Trump has a say in choosing the next leader of Iran – also, the war will take four weeks or less, or it might take four or five weeks, but also it might actually last until at least September, but it will definitely in no way be yet another forever war.
Even if the goal was clear, many commenters have pointed in the direction of Robert Pape’s classic Bombing to Win for examples of the historical ineffectiveness of pure air campaigns (I’m in the market for a copy). And while a lot has changed since 1996 – I’d be interested to read more analysis of the ways that cyber campaigns could fill in the gaps of air wars, for example – Pape is on Substack today, noting the limitations of tactical success in the ‘precision age’ and the structural conditions pushing towards the escalation we’re already seeing.
Anyway, today, as drones fly from Cyprus to Nakhchivan and I have friends stuck in Israel and friends that haven’t heard from their families in Tehran in over a week, I’m struck again by the fact that the first confirmed report of a death I saw in the hours after the war began was of an unnamed Asian worker in the UAE, killed by fallen debris. Even if precision munitions’ coordinates are correct and the timing perfect, they can be intercepted and fall and take an innocent life nonetheless.
Until next month.
Katharine Khamhaengwong
Binding Hook Senior Editor
Read more Binding Hook on Iran:
- Gil Baram and Noya Peer examine the cyber aspects of last year’s Iran-Israel war.
- James Shires, Max Smeets, and Hannah-Sophie Weber look at the hacktivist group Predatory Sparrow, which has targeted Iran’s critical infrastructure.
- Anwar Mhajne explores the ways the internet has been used to target and repress female activists in Iran.
Related Posts
Predatory Sparrow: cyber sabotage with a conscience?
9 December 2024
