On Tuesday night, Iran launched missiles at two military bases in Iraq. Initial reports ranged from over a dozen to 22 missiles. The Los Angeles Times reported Iran launched 15 missiles, of which 11 hit their targets and four failed in flight, according to a U.S. defense official, who said there were no reports of U.S. casualties in the attack.
Ten of the missiles hit the sprawling Asad Air Base in Iraq’s western Anbar province. U.S. radar was able to track the missiles in flight and, as a result, personnel at the base were able to take cover. The U.S. made no effort to intercept the missiles, the official said.
One missile hit the Combined Joint Operations Center in Irbil, where the U.S. trains Iraqi Kurdish fighters and also runs a large air operations control center covering northern Iraq and parts of Syria.
But there are reports today of Pentagon officials are saying Iran intentionally aimed to miss. The UK Telegraph says since there were no U.S. casualties, it’s leading some officials to speculate Iran never really meant to hit any U.S. soldiers in the first place — just maybe rattle a big saber.
However, experts said the type of missile Iran used was notoriously unreliable, and that the regime may well have missed targets by accident.
By “accident” they could mean “incompetence.”
As we reported here, Iran’s total firepower ranks only 14th in the world (according to estimates).
Having said that, Iran is relatively well-equipped with self-propelled artillery (ranked 11th), towed artillery (ranked 8th) and rocket projectors (ranked 4th). However, the Global Firepower Index doesn’t take into account “accuracy.”
Still, the biggest worry about Iranian retaliation against the U.S. might not be conventional warfare but cyberattacks.
The country may not be great at launching missiles, but they’ve already proven adept at launching cyberattacks.
QZ.com reports, In 2012, in apparent retaliation against US sanctions, the country attacked Wall Street banks with denial of service attacks, knocking their websites offline. In 2015, Turkey blamed Iran for cyberattacks on its electric grid, which shut down power for some 40 million people. In 2017, dozens of parliamentary email accounts in the UK were compromised by a cyberattack linked to Iran. And earlier this year, Iranian hackers managed to steal terabytes of data from a US government contractor.
In June of last year, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about Iran:
Given recent developments, re-upping our statement from the summer.— Chris Krebs (@CISAKrebs) January 3, 2020
Bottom line: time to brush up on Iranian TTPs and pay close attention to your critical systems, particularly ICS. Make sure you’re also watching third party accesses! https://t.co/4G1P0WvjhS
Rockets in the middle of the desert are one thing, but a cyberattack that affects the lives and livelihoods of Americans on our shores could be the scariest threat of all.