By TAMI ABDOLLAH
U.S. military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iran’s downing of a U.S. surveillance drone, U.S. officials said Saturday.
Two officials told The Associated Press that the strikes were conducted with approval from Trump. A third official confirmed the broad outlines of the strike. All spoke on condition of anonymity because they were not authorized to speak publicly about the operation.
The cyberattacks — a contingency plan developed over weeks amid escalating tensions — disabled Iranian computer systems that controlled its rocket and missile launchers, the officials said. Two of the officials said the attacks, which specifically targeted Iran’s Islamic Revolutionary Guard Corps computer system, were provided as options after Iranian forces blew up two oil tankers earlier this month.
The IRGC, which was designated a foreign terrorist group by the Trump administration earlier this year, is a branch of the Iranian military.
The action by U.S. Cyber Command was a demonstration of the U.S.’s increasingly mature cyber military capabilities and its more aggressive cyber strategy under the Trump administration. Over the last year U.S. officials have focused on persistently engaging with adversaries in cyberspace and undertaking more offensive operations.
There was no immediate reaction Sunday morning in Iran to the U.S. claims. Iran has hardened and disconnected much of its infrastructure from the internet after the Stuxnet computer virus, widely believed to be a joint U.S.-Israeli creation, disrupted thousands of Iranian centrifuges in the late 2000s.
With little public scrutiny, the U.S. military has dramatically stepped up its secret hacking of foreign computer networks in a new effort to keep China, Russia, Iran and other adversaries on their heels, current and former U.S. officials tell NBC News.
Empowered with new legal authority from both Congress and President Donald Trump, the military's elite cyber force has conducted more operations in the first two years of the Trump administration than it did in eight years under Obama, officials say — including against Russia, despite Trump's well-documented affinity for Vladimir Putin.
The general in charge of the push, Paul Nakasone, has spoken about the new policy in cryptic terms such as "persistent engagement," and "defending forward," without explaining what that means. Multiple current and former American officials briefed on the matter say military hackers are breaking into foreign networks, striking at enemy hackers and planting cyber bombs that would disable infrastructure in the event of a conflict.
The officials declined to confirm or deny a New York Times report that an element of these classified operations included hacking into Russia's power grid, but they said that such a move would be a standard response to similar behavior by Russia and China. U.S. officials have said that those countries have for years planted malware that could turn out the lights in parts of the U.S.
"This is no different than a spy satellite," one senior U.S. official briefed on the matter told NBC News. "What this is is finding vulnerabilities in people's military and civilian infrastructure. That's how you should think of it."
Over the last decade, U.S. responses to foreign cyberattacks "have been tenuous, they have been episodic, we really haven't done anything," said Nakasone, who is both the commander of U.S. Cyber Command and the director of the National Security Agency, during a question and answer session at the Marshall Forum in April. "We are going to ensure that our adversaries know that that are limits within which they can operate…. No longer are we going to be on the sidelines."