Cyber-attacks from Tehran dropped after the U.S., Iran and other countries agreed to an interim nuclear deal in 2013, but observers expect a new offensive if discussions taking place in Vienna fall apart before a Nov. 24 deadline.
“As soon they believe it’s to their advantage to begin again in more aggressive cyber activity toward the United States, they’re going to do it,” House Intelligence Committee Chairman Mike Rogers (R-Mich.) told The Hill in an interview.
“It would be logical to conclude that if the talks fail completely, they’ll re-engage at the same level,” Rogers said.
U.S. financial firms, oil and gas companies and water filtration systems could be among the companies targeted.
“Out of any country on the planet, I can’t think of a country that has been more focused than Iran from the high levels of government on cyber, and that includes the United States,” said Dmitri Alperovitch, co-founder of cybersecurity firm CrowdStrike, which monitors critical infrastructure attacks.
The U.S. has yet to bear the full brunt of Iran’s rapidly developing cyber capabilities.
Researchers describe Iran as a close fourth behind the U.S., Russia and China in terms of its ability to launch cyber attacks.
“But they make up for it in their apparent willingness to go on the offensive,” said Kristen Eichensehr, an international security professor at the University of California, Los Angeles, School of Law and former State Department attorney.
Iran initially ramped up its cyber efforts in 2010, culminating with a barrage of simplistic attacks on the U.S. financial sector in 2012.
“Clearly, 2012 was the worst year that we saw of the Iranian effort,” Rogers said.
Still, those prolific attacks were easy to detect and relatively harmless.
Over the last two years, Iran has formed a Supreme Council of Cyberspace that meets once a month and includes President Hassan Rouhani.
Iranian officials also strengthened cybersecurity research partnerships with Russia, and have gone from being a nascent to a burgeoning cyber power.
An example of Iran’s new prowess was its ability to reverse engineer a U.S. drone it captured after the drone crashed within Iranian borders. It took advanced hacking techniques to access and understand the software within the drone.
U.S. officials cautioned last week they are suspect the quality is equal to that of the American drone.
Still, “it shows how bolstered their program really is,” said David Kennedy, CEO of information security company TrustedSec, which monitors cyber attacks. “That’s heavily sophisticated equipment.”
A recent report from cybersecurity firm FireEye also described how one popular Iranian hacking group went from website defacements in 2010 to “malware-based espionage” in a scant four years.
Iranian hackers reportedly went after oil giant Saudi Aramco, the world’s most valuable company, and deleted the contents of 30,000 computers. The same virus also hit Qatar-based liquid petroleum gas firm RasGas.
“It’s really important to understand,” Rogers said. “They have not abandoned their cyber operations around the world. They just have not.”
While the U.S. is bombarded with cyber attacks, it has never been the subject of a large-scale destructive attack. So far, Tehran’s hackers are mostly suspected of probing around U.S. infrastructure networks to understand their designs.
But that could change if the nuclear talks fall apart. And this time, an Iranian attack could be more advanced.
Kennedy thinks Tehran would use stealth malware to infiltrate bigger companies across more sectors.
Falling worldwide oil prices would also make U.S. oil companies an attractive target, Alperovitch said.
“That’s going to be a key interest of theirs,” he said.
While no security experts think Iran would launch a destructive attack on the U.S. if the nuclear talks dissolved, Tehran’s ability to embed malware in U.S. networks would give them the ability to do so.
“Once you’re in the system,” Alperovitch said, “it’s just a few keystrokes for you to delete those files.”
At a House hearing Thursday, National Security Agency Director Michael Rogers said China and “one or two” other countries are able to shut down portions of the U.S. critical infrastructure with a cyberattack. Researchers and Rep. Rogers suspect Iran might be on that list.
“My gosh, what if they actually hit one of our financial institutions and were able to take offline 30,000 computers and destroy and manipulate data in those networks?” Rogers said.
“That’s what keeps me up at night.”
Feb 18, 2019 Comments Off on Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies
Feb 18, 2019 Comments Off on Iran is responsible for Yemen’s humanitarian crisis, says Pompeo
Feb 15, 2019 Comments Off on Netanyahu on Reported Attack: Israel ‘Constantly Operating’ Against Iran in Syria
Feb 15, 2019 Comments Off on Warsaw summit: Why Iran is the elephant in the room
Feb 18, 2019 Comments Off on Gantz: I Stand With Netanyahu Against Iran
Feb 18, 2019 Comments Off on U.S. Air Force officer helped Iran wage cyber attack on U.S.
Feb 16, 2019 Comments Off on Mike Pence claims Iran is planning a ‘new Holocaust’ to destroy Israel
Feb 16, 2019 Comments Off on IRAN’S ‘TOXIC MONEY’ PREVENTING ISRAELI-PALESTINIAN PEACE- BAHRAINI FM
Feb 18, 2019 Comments Off on Chinese and Iranian Hackers Renew Their Attacks on U.S. CompaniesChinese and Iranian Hackers Renew Their Attacks on U.S. Companies Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies Businesses and government agencies in the United States have been targeted in...
Feb 18, 2019 Comments Off on Gantz: I Stand With Netanyahu Against IranGantz: I Stand With Netanyahu Against Iran Gantz: I Stand With Netanyahu Against Iran Benny Gantz, Hosen L’Yisrael chairman and prime ministerial hopeful, said Sunday that he backs Prime Minister Benjamin...
Jul 14, 2016 Comments Off on Corps’ one hundred thousand of triggered missiles in Lebanon:An official Israel-threatening by CorpsIran Briefing: Since August 7, 1979, when Ayatollah Khomeini declared the last Friday of Ramadhan as “Quds Day”, the Islamic Republic has always tried to hold an imposing ceremony by using state resources as well as requiring people’s involvement. This year’s Quds march had fundamental...