Throughout 2012, Iran targeted United States banks and companies with a series of distributed denial-of-services cyber attacks. The attacks doubled and sometimes tripled the amount of traffic that the American websites were capable of handling. Many considered the attacks retaliation, revenge for the destruction wrought by Stuxnet on Iran’s nuclear program. The cyber attacks presented the White House with a national emergency for which there was little precedent. A recent report from the Washington Post has shed light on the Obama administration’s strategy for dealing with cyber threats.
The report describes the debate over hacking into Iranian networks to eliminate the cyber attacks at their source. American officials were confident that the United States could execute a cyber counteroffensive powerful enough to stop the problem. However, a failed counterattack could have provoked more attacks from Iran – and cyber assault on Iranian networks could have escalated already high tensions between the two nations, if the foreign government construed the attacks as a violation of Iranian sovereignty.
Instead, the Obama administration opted for diplomacy, asking more than 100 countries for help. The United States requested that foreign governments stem the Internet traffic within their borders by removing the code from affected servers.
And diplomacy worked! While the response did not completely eliminate the traffic and did not deny the Iranian hackers the ability to attempt additional attacks, the multinational response did lower the traffic to a manageable level. Its success provides a positive example of international cooperation and limiting use of cyber force.