In recent weeks, a series of attacks on commercial shipping in and near the Persian Gulf have been unofficially attributed to Iran, including a drone attack that killed two mariners in the Gulf and an attempted hijacking of a commercial vessel in the Strait of Hormuz. Along with another suspected attack, in which several ships simultaneously reported difficulties in steering, these incidents highlight both the importance of commercial shipping to the global economy and the sector’s vulnerability to asymmetric tactics, including cyberattacks. They also show how Iran is using cyberattacks to demonstrate its capabilities, and signal what to expect from the new political leadership in Tehran.
The drone attack, which targeted an Israeli-operated tanker off the coast of Oman in late July, left one British and one Romanian national dead. Days later, in the first week of August, armed assailants boarded another ship, the Asphalt Princess, off the United Arab Emirates and ordered it to sail to Iran; the hijacking attempt was foiled when the crew disabled the ship’s engines. In the same week, up to six vessels reported the loss of their steering control in the Gulf of Oman.
Theoretically, it is possible that all six ships simultaneously suffered mechanical or electrical failures, and Iran has denied responsibility for the incidents, as well as for the other attacks. But maritime experts judge it more likely to be a coordinated cyberattack. What’s more, they bear a striking resemblance to the kinds of targets identified in a collection of documents obtained by Sky News, dated from November 2020, allegedly compiled by the cyber unit of the Islamic Revolutionary Guard Corps called “Shahid Kaveh.” The 57-page file covers a wide range of potential targets, from cargo ships and fuel pumps to petrol stations.