National Security Leaks and Iranian Revenge

On June 1, 2012, the New York Times featured a remarkable work of journalism by David Sanger that opened with the following revelation:

“From his first months in office, President Obama ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.”

In his 2009 book The Inheritance, Sanger revealed details about the National Security Agency’s (NSA) penetration of Iranian government computers—also known as cyber exploitation—that helped inform the 2007 National Intelligence Estimate, which judged “with high confidence that in fall 2003, Tehran halted its nuclear weapons program.” Sanger also offered clues about activities covered in a spring 2008 presidential finding that authorized covert action in Iran, including “efforts to interfere with the power supply to nuclear facilities—something that can sometimes be accomplished by tampering with computer code, and getting power sources to blow up.” While there were leaks about suspected U.S. covert activities targeting the Iranian nuclear program, no confirming evidence about the offensive cyber attacks had been published before last month.

Many members of Congress and Obama administration officials reacted with the rote condemnation that has followed national security leaks throughout history. These most recent leaks, however, prompted a new and surprising response: freed from the normative constraints against offensive cyber attacks, other states and nonstate actors will now target the United States with unrelenting cyber attacks against its critical infrastructures.

In an interview in the National Journal, chairman of the House Intelligence Committee Representative Mike Rogers warned: “Other nations, or even terrorists or hackers, might now believe they have justification for their own cyberattacks.” Senator Diane Feinstein, chairman of the Senate Intelligence Committee, argued that the leak could “to some extent” provide justification for similar cyber attacks against the United States. During a recent hearing of the Senate Homeland Security and Governmental Affairs Committee, former CIA director Michael Hayden and Senator John McCain had the following exchange:

HAYDEN: Going to cyber, whether the story was true or false, a publication that the United States was responsible for that activity is almost taunting the Iranians to respond at a time and in a manner of their own choosing.

MCCAIN: I was just going to say if I were the head of Iranian intelligence, I’d have been in the supreme leader’s office the next day.

HAYDEN: I would have gone in with something. Mr. Khamenei, remember that briefing I gave you about a year ago and you told me to put it on the back-burner? Well, I’ve brought it forward.

And in the absence of any Obama administration scapegoat, Sanger has often been targeted in the outcry against the leaks. In a hearing of the House Judiciary Committee, Colonel Kenneth Allard (ret.) declared, “If all of a sudden, utilities stop operating, you have [Sanger] to thank for it.” (In a truly revealing anecdote about the lack of congressional oversight over such high-risk covert operations, Representative Dan Lungren wondered aloud at the same hearing: “Would it bother you to know that the detail that was described in the New York Times, if true, is a level of detail not presented to members of Congress, such as the chairman of the Cybersecurity Subcommittee on Homeland Security, that is, happens to be me.”)

Beyond the cyber attacks against Iran, Representative Louie Gohmert added, “You have the Taliban target a helicopter with nearly two dozen of SEAL Team Six members…when the vice president, the president outed SEAL Team Six?” If the Taliban successfully penetrated U.S. battlefield communications to the extent that, out of the one hundred thousand U.S. soldiers in Afghanistan, they can identify who is on each helicopter, Gohmert should initiate a hearing on the subject as soon as possible.

The argument that the leaks describing U.S. (and Israeli) offensive cyber attacks against Iran’s nuclear facilities will compel a commensurate response rests on three assumptions:

1. Iran is a rational actor previously constrained by international norms. If this is true, congressional members should hold hearings to investigate the Obama administration’s breach of prohibitory norms. As Ward Thomas noted in his excellent book, The Ethics of Destruction: Norms and Force in International Relations, such “power-maintenance” norms work by banning “weapons or practices that have the potential to close the gap between strong and weak states in international society.” As President Obama wrote in a recent op-ed, “It’s time to strengthen our defenses against this growing danger.” If you believe in the power of norms as do House Republicans, then U.S. cyber attacks against Iran only served to amplify retaliatory threats.

2. Iran was unaware that America was engaged in covert operations—cyber exploitation or attack—against its nuclear program. Earlier this month, the Wall Street Journal reported, “The U.S. military is accelerating its cyberwarfare training programs in an aggressive expansion of its preparations for conflict on an emerging battlefield.” The Air Force lieutenant colonel who oversees one of the cyber courses noted, "Our curriculum is based on attack, exploit and defense of the cyber domain.” If Iranian officials subscribe to the Journal or read anything about the NSA, they would be well aware that preventing Iran from obtaining a nuclear weapon is the highest national security priority for the United States. And that the United States would utilize its well-publicized, unmatched cyber capabilities to achieve this goal.

3. Leaks about U.S. covert actions against weak and distant states lead to a retaliation against America using similar means. In April 1984—after a few cocktails—Senator Barry Goldwater spontaneously read a classified memo on the Senate floor that detailed the direct role of the CIA in mining three Nicaraguan harbors. The next day, the Wall Street Journal ran the headline, “U.S. Role in Mining Nicaraguan Harbors Reportedly Is Larger than First Thought.” Did the Sandista government respond by mining American harbors, or retaliate directly?

Unauthorized leaks by government officials are a routine, if at times unfortunate, occurrence in Washington, DC—no matter who occupies the White House. However, it is ridiculous to believe that these particular revelations from David Sanger would now untie Tehran’s cyber warriors to target U.S. critical infrastructure. The Iranian regime is assuredly exploring this capability as well, and its decision to attack will not hinge on a New York Times headline.