Cyber, deterrence, and the rules of the game

What are the latest developments in the cyber war between Iran and Israel? How is it connected to the strange security-related incident in Har Dov? And to China? A weekly column by Amir Rapaport. 

Firefighters extinguish the blaze following the explosion in Dolat, Iran, this week. Photo: WANA (West Asia News Agency) via REUTERS

1. Cyber winter. While all of the attention was focused this week on the strange security-related incident in Har Dov, there are increasing reports that may indicate that the cyber war between Iran and Israel is not slowing down, but rather is intensifying day by day.

And during the last few days there were once again reports in the global media about explosions in Iran. This is a continuation of the mysterious series of events that have been occurring for about two months, with some attributed to cyberattacks by Israel and the US (including the claim of a cyberattack against the important port of Bandar Abbas and against the uranium enrichment facility in Natanz, which was attacked more than 10 years ago in the "stuxnet" cyberattack)

As for this week's developments, there was a reported explosion that caused a fire in the industrial area of the city of Dolat. There were recently reports on a new attack – apparently a cyberattack – against two facilities of Israel's Water Authority, one in the north and one in Judea. It is worthwhile to pay attention to recent reports in the global media about the cyber agreements between China and Iran. It seems that the Chinese are training the Iranians in cyber warfare and are even transferring a lot of knowledge to them. The reason is much more connected to the US than to Israel. It could mean a Cold War of the third millennium, with the People's Republic of China playing the role of the former Soviet Union. It should be assumed that this was one of the main topics during US Secretary of State Mike Pompeo's most recent visit to Israel several weeks ago. The Americans are doing a lot more than just pressuring Israel to chill its technological relations with China.    

During the cyberattack against Israel's water facilities in May, which was attributed to Iran, there was an attempt to increase the amount of chlorine in the water by seizing control of the industrial operating systems that run the facilities. A number of weeks ago, the director of the Israel National Cyber Directorate, Yigal Unna, without mentioning Iran by name, claimed that "cyber winter is coming".

Was he right? Time will tell. 

2. Deterrence. So what is the link between the cyber war between Iran and Israel, and the enormous tension between Hezbollah and Israel? The connection is that on both fronts there is a war raging these days over "the rules of the game", or, in other words, a battle over deterrence. Who will deter whom? 

In general, "deterrence" is a security concept of primary importance that was born long before the cyber age. The object of deterrence is to avoid going to war by neutralizing the capabilities if the enemy in advance, or to make the enemy pay a price several times higher if there is an attack. The thought about that is supposed to stop the enemy from wanting to attack. 

One of the conditions for existence of deterrence is believability – namely, the deterred countries need to believe that the threat from the deterring country is indeed real. Namely, that it has the capability to carry out a significant retaliation as well as the military and political willingness to carry out the threat. The power of the deterrence is based on the conception of the military force of the other country and its willingness to use that force. Without that believability, there is no deterrence, even by the world's biggest military superpower.  

So is it possible to achieve cyber deterrence in ways similar to the physical world? 

An article published by researchers from the "Dado Institute", an IDF think tank located at Israel's National Security College, claimed that as cyber is a new and unique domain, it changes the way that we relate to existing phenomena and concepts in every field. The deterrence isn't unusual: everything considered basic regarding deterrence in the physical plane is another story altogether when talking about cyber. For example, it is very difficult to estimate in advance the real power of the enemy you are facing, who isn't using planes and tanks you can count, or nuclear bombs. If that isn't enough, in cyberspace there is a permanent "fog of war" that makes it difficult to familiarize oneself and gain a basic understanding of the situation.   

Besides that, the great penetration of information technology makes deterrence by means of prevention and defense very difficult. The identity of the attacker is not always known, due to a wide range of actors operating in cyberspace, unlike the certainty regarding an entity responsible for a physical attack, and the relative quickness in finding the one responsible in such cases.     

So how do you achieve cyber deterrence? It should be assumed that both sides, Iran and Israel, are trying to deter each other and to determine these days the rules of the game in the cyber wars that will only intensify and be with us for many years.