The decision by U.S. President Trump to pull back from a retaliatory strike against Iran for the downing of a surveillance drone because there would be “too many deaths for a proportionate response” has been painted as a backtrack. Instead, “President Trump approved an offensive cyber strike that disabled computer systems used by Iran’s Islamic Revolutionary Guard Corps to control rocket and missile launches.”
“Though crippling to Iran’s military command and control systems,” reported the Washington Post, “the operation did not involve a loss of life or civilian casualties—a contrast to conventional strikes, which the president said he called back Thursday because they would not be ‘proportionate’.”
That is not a backtrack, it’s a game changer.
A physical missile strike against military targets in Iran would generate headlines and newsworthy images. It would kill scores of people. But in the end, it would make little difference to the standoff between Washington and Teheran. If, however, the reports are true and the U.S. has compromised Iran’s networks to the extent that Teheran’s core command and control systems are now vulnerable, that changes the dynamics completely.
Offensive cyber capabilities have long been the most sensitive and nationalistic of government activities. Despite all the media speculation, most government cyber spend remains focused on the defense of data and networks. And where offensive cyber attacks have taken place, they are not disclosed let alone publicized. For that reason, the reports on June 21 and 22 on the U.S. cyber attack are significant and not by accident.
The physical and digital are entwined. This decision by the U.S. to treat the disclosure of a cyber attack as it might a physical attack when in truth there is no footage and so no need, clearly shows this to be the case. The mix of physical and cyber, retaliating in one dimension for an attack in the other does the same.