29 April 2014, 21:15

Iran speedily advances in cyber attacks on US trailing right behind China

A report released earlier this month by the US-based cyber security company Mandiant suggests that, though the major cyber espionage threat comes from China and Russia, Iran is quickly catching up, as became apparent in the wake of the August 2012 attacks.


The first worrying "wake-up call" came in 2012, when Iran's attacks targeted two Gulf energy companies from Saudi Arabia and Qatar, destroying data on tens of thousands of computers. The practice then spread further to western energy firms and government agencies, as the state kept attacking in a fashion "consistent with network reconnaissance", as noted by Laura Galante of Mandiant, who used to be a US government cyber expert. Also, a spate of intense distributed denial of service (DDoS) attacks against a range of high-profile US banks began in fall 2012, running for about a year until it finally subsided.

Mandiant compared the attacks to those performed by more experienced adversaries such as China, concluding that the recent attacks from Iran against the west had been relatively simple and lacked sophistication. "The malicious software used in the Iranian cyber-attacks did not show great sophistication, the report said. Unlike Russian and Chinese adversaries, Iranian hackers are mostly using standard tools available on the black market. But that’s almost beside the point," the report states.

However, there is plenty of room for further growth and advancement, as nothing stands in the way of Iran testing new technologies. "The US and other nation-states’ increasingly public discussions of their offensive cyber capabilities might very well encourage other interested actors to develop and test their own skills."

Growth seems even more probable thanks to sufficient funding from the government, other cyber experts agree.

"They’ve put in place the structures, strategy – and have acquired software tools from the black market," James Lewis, a cyber expert with the Center for Strategic and International Studies, said in a recent interview with the Cyber Conflict Monitor website. "They have groups whose job it is to hack," he adds.

The earlier attacks on US banks probably ceased due to a shift required by Iranian authorities looking to smooth international talks over Iran’s alleged nuclear program, some experts say. But Iran could become more aggressive and show further belligerence if the outcome of the talks does not meet Iran’s expectations, they note.

For the time being, the US is increasingly worried about the rise in Iran’s cyber expertise. Back in 2012, though wary of even more intense attacks, the Obama administration chose not to hack into the adversary’s network in Iran and "squelch the problem at its source," as reported by the Washington Post.


Instead, officials did something they had never tried before: they appealed to as many as 120 countries globally, asking them to sever the traffic locally and remove the malicious computer code from the servers used as springboards for Iran’s attacks, in a move that was more diplomatic than technical.

It came to light later, though, that Barack Obama carried out a number of covert operations aimed at Iran days after he took office.

The first wave of digital attacks against Iran happened during the presidency of George W. Bush. They were codenamed "The Olympic Games" and considered the very first sustained use of cyber weapons. Since then the notorious Stuxnet virus has invaded systems at Iran's nuclear power plant.

The story reached its climax on 28 May 2012, when Iran announced that the most crippling computer virus ever written had been detected on its government computers. The Flame virus was intercepted and its infection components posted on the website, Iran's Computer Emergency Response Team, MAHER, announced in the wake of the incident.

Iran's recent actions seem to be perfectly justified then, with these arguments in mind, experts agree.

