WASHINGTON — The Obama administration has begun helping Middle Eastern allies build up their defenses against Iran’s growing arsenal of cyberweapons, and will be doing the same in Asia to contain computer-network attacks from North Korea, according to senior U.S. officials.
The officials would not say which countries in the Persian Gulf have signed up for help in countering Iran’s computer abilities. But the list, some officials said, includes the nations that have been the most active in tracking Iranian arms shipments, intercepting them in ports and providing intelligence to the United States about Iranian actions.
The three most active in that arena are Saudi Arabia, the United Arab Emirates and Bahrain.
In Asia, the countries most worried about being struck by North Korean computer attacks are South Korea and Japan.
The Defense Department’s assertive new effort in the Persian Gulf and Asia is the latest example of how the Obama administration is increasingly tailoring its national security efforts for a new era of digital conflict, in this case assuring the defense of computer networks and, if necessary, striking back against assaults.
A directive signed by the president that surfaced Friday — the third in a series of leaked documents published by the newspapers The Guardian and The Washington Post — underscored how the Obama administration is trying to prepare itself and its allies.
The presidential directive included the declaration that the United States reserved the right to take “anticipatory action” against “imminent threats,” a reference, it seemed, to the kind of crippling infrastructure attacks that Iran appears to be working on against U.S. and allied targets.
But deterring cyberattacks is a far more complex problem, and American officials concede that this effort, which will include providing computer hardware and software and training to allies, is an experiment. It has been propelled by two high-profile attacks in the past year.
One was against Saudi Aramco, Saudi Arabia’s largest, state-run oil producer, and according to American officials it was carried out by Iran. That attack crippled 30,000 computers but did not succeed in halting oil production. The other, an attack on South Korea’s banking and media companies this spring, was later attributed to North Korea. It froze the ability of several banks to operate for days.
“The Iranian attack on the Saudis was a real wake-up call in the region,” said one senior administration official, who would not speak on the record about U.S. efforts to counter Iran. “It made everyone realize that while the Iranians might think twice about launching a missile attack in the region, they see cyber as a potent way to lash out in response to sanctions.”
The administration is capitalizing on the fear created by those attacks to build on the de facto alliance against Iran that it has constructed in the region.