In the United States, fears of widespread hacking causing major national disruptions have so far been mostly unfounded. There have been isolated foreign-based attacks on infrastructure here and there, but no one has so far been able to disrupt an important nationwide system deliberately for political reasons.
Iran hasn't been so fortunate. A hacker group calling itself Gonjeshke Darande, which translates as "Predatory Sparrow," claims responsibility for knocking out about 70% of Iran's gas stations in the last few days, according to an Associated Press report. A related CNBC piece connects the Predatory Sparrows with Israel, although the connection is unconfirmed by the group.
This isn't the first time the Sparrows have mounted cyberattacks in Iran. The CNBC report recounts a fire in an Iranian steel plant in June of 2022 which the group claimed to have started. The hackers say that they try to avoid inconveniencing civilians, but having 70% of a country's gas stations shut down is more than an inconvenience. Iran reportedly disconnected most of its government infrastructure from the Internet after the Stuxnet virus damaged uranium-enrichment centrifuges in the late 2000s, but the hackers have evidently found a way around that obstacle.
Iran has been sanctioned for its support of terrorism in other countries, and these sanctions prevent hardware and software updates from being installed that might otherwise help the country defend itself against attacks such as these. Reportedly, software pirating is widespread, but pirated software typically loses manufacturer support for security updates, with the result that such systems are comparatively easy to invade for nefarious purposes.
Iran is widely believed to be the power behind Hamas, the group which mounted the October 7 attacks in southern Israel. Engineering ethics always has to operate before a background of cultural and historical events. An action which can be construed as ethical in wartime, at least by some people, would be considered highly unethical in peacetime circumstances.
As large-scale hacks go, the Predatory Sparrows' shutdown of most gas stations, which isn't the first time they've done something like this, is not life-threatening, at least to most people. In tweets, the group claimed to have warned emergency services in advance, and so they at least appear to be trying to avoid serious harm to civilians. Their idea seems to be that if the people of Iran get fed up enough with issues like not being able to buy gas for a time, they will rise up and throw off the chains of the present regime. And that might happen, but the ayatollahs in charge have endured much worse challenges up to now, and unless their grip on power gets a lot shakier, they will probably shrug off this cyberattack as easily as they did the others.
Cyberattacks are still new enough to count as a novel addition to the warmonger's bag of tricks. As with other forms of warfare, its success depends on how well-defended the enemy is. For whatever reason, the United States seems to be doing a better job at defending itself against hacks than Iran has. I suspect a large factor in this difference has to do with the wide range of systems employed in the U. S. compared to more top-down-governed places like Iran.
I have no way of knowing for sure, but it wouldn't surprise me if nearly all the gas stations in Iran use the same kind of hardware and software. That uniformity makes a system much easier to hack compared to an infrastructure built out of several different brands and designs of technology. This is why theories of how a national election was allegedly hacked in many U. S. states hold so little water. A hacker would have to master and invade dozens or hundreds of different systems and would have to gain access to literally thousands of machines through individual county election offices in order to swing millions of votes.
While the rule can be extrapolated beyond its range of usefulness, it is true that in technological systems, diversity lends a kind of strength. If one brand of system falls to a hacker, the others may not. Iran would probably like to have a robust market for software, but sanctions and the general economic climate have militated against that. So in addition to having to limp along with outdated machinery, they suffer from Predatory Sparrows who take advantage of the vulnerabilities of outdated and pirated software.
What can the U. S. learn from this situation? At least two things.
First, money spent on cybersecurity is generally worth it. Regular updates and security patches are simply good practice, and most responsible organizations follow these guidelines.
Second, in technological diversity there is strength. Highly centralized national mandates dictating the details of any kind of cyber-infrastructure are liable to produce security vulnerabilities. The software industry is still one of the most lightly-regulated ones in our economy, and the resulting variety and dynamism is a security advantage as well as providing customers with the latest and greatest, other things being equal. Any attempt by government to do heavy-handed regulation is likely to lead to a uniformity that would not be in the best interests of customers, and it might make life easier for predatory sparrows and their like.
It's too bad that Iranians are having to wait in long lines at the 30% of gas stations that still operate (a fraction apparently chosen deliberately by the hackers), but when your government fights a proxy war, you can expect the enemy to get back at it by both fair means and foul. With cyberattacks, the line between fair and foul is especially fuzzy, and Iranians should be glad that the hackers are as relatively polite as they are. Still, it's a pain, and we can long for a day when neither Iran nor Hamas nor Israel has to resort to hacking, because peace has at long last come to earth.
And that's what Christmas is all about. But that's a story for another time.
Sources: The AP report "A suspected cyberattack paralyzes the majority of gas stations across Iran" appeared prior to Dec. 18, 2023 on the AP website at https://apnews.com/article/iran-gas-stations-cyberattack-a9ae33c352812e40ca3d255a2533fea9. I also referred to a CNBC report at https://www.cnbc.com/2023/12/18/pro-israel-hackers-claim-cyberattack-disrupting-irans-gas-stations.html.