Cyber-attacks from Tehran dropped after the U.S., Iran and other countries agreed to an interim nuclear deal in 2013, but observers expect a new offensive if discussions taking place in Vienna fall apart before a Nov. 24 deadline.
“As soon they believe it’s to their advantage to begin again in more aggressive cyber activity toward the United States, they’re going to do it,” House Intelligence Committee Chairman Mike Rogers (R-Mich.) told The Hill in an interview.
“It would be logical to conclude that if the talks fail completely, they’ll re-engage at the same level,” Rogers said.
U.S. financial firms, oil and gas companies and water filtration systems could be among the companies targeted.
“Out of any country on the planet, I can’t think of a country that has been more focused than Iran from the high levels of government on cyber, and that includes the United States,” said Dmitri Alperovitch, co-founder of cybersecurity firm CrowdStrike, which monitors critical infrastructure attacks.
The U.S. has yet to bear the full brunt of Iran’s rapidly developing cyber capabilities.
Researchers describe Iran as a close fourth behind the U.S., Russia and China in terms of its ability to launch cyber attacks.
“But they make up for it in their apparent willingness to go on the offensive,” said Kristen Eichensehr, an international security professor at the University of California, Los Angeles, School of Law and former State Department attorney.
Iran initially ramped up its cyber efforts in 2010, culminating with a barrage of simplistic attacks on the U.S. financial sector in 2012.
“Clearly, 2012 was the worst year that we saw of the Iranian effort,” Rogers said.
Still, those prolific attacks were easy to detect and relatively harmless.
Over the last two years, Iran has formed a Supreme Council of Cyberspace that meets once a month and includes President Hassan Rouhani.
Iranian officials also strengthened cybersecurity research partnerships with Russia, and have gone from being a nascent to a burgeoning cyber power.
An example of Iran’s new prowess was its ability to reverse engineer a U.S. drone it captured after the drone crashed within Iranian borders. It took advanced hacking techniques to access and understand the software within the drone.
U.S. officials cautioned last week they are suspect the quality is equal to that of the American drone.
Still, “it shows how bolstered their program really is,” said David Kennedy, CEO of information security company TrustedSec, which monitors cyber attacks. “That’s heavily sophisticated equipment.”
A recent report from cybersecurity firm FireEye also described how one popular Iranian hacking group went from website defacements in 2010 to “malware-based espionage” in a scant four years.
Iranian hackers reportedly went after oil giant Saudi Aramco, the world’s most valuable company, and deleted the contents of 30,000 computers. The same virus also hit Qatar-based liquid petroleum gas firm RasGas.
“It’s really important to understand,” Rogers said. “They have not abandoned their cyber operations around the world. They just have not.”
While the U.S. is bombarded with cyber attacks, it has never been the subject of a large-scale destructive attack. So far, Tehran’s hackers are mostly suspected of probing around U.S. infrastructure networks to understand their designs.
But that could change if the nuclear talks fall apart. And this time, an Iranian attack could be more advanced.
Kennedy thinks Tehran would use stealth malware to infiltrate bigger companies across more sectors.
Falling worldwide oil prices would also make U.S. oil companies an attractive target, Alperovitch said.
“That’s going to be a key interest of theirs,” he said.
While no security experts think Iran would launch a destructive attack on the U.S. if the nuclear talks dissolved, Tehran’s ability to embed malware in U.S. networks would give them the ability to do so.
“Once you’re in the system,” Alperovitch said, “it’s just a few keystrokes for you to delete those files.”
At a House hearing Thursday, National Security Agency Director Michael Rogers said China and “one or two” other countries are able to shut down portions of the U.S. critical infrastructure with a cyberattack. Researchers and Rep. Rogers suspect Iran might be on that list.
“My gosh, what if they actually hit one of our financial institutions and were able to take offline 30,000 computers and destroy and manipulate data in those networks?” Rogers said.
“That’s what keeps me up at night.”
Mar 07, 2018 Comments Off on Hassan Rouhani: West will regret collapse of Iran nuclear deal
Feb 28, 2018 Comments Off on Iran: Dozens of women ill-treated and at risk of long jail terms for peacefully protesting compulsory veiling
Feb 16, 2018 Comments Off on UN calls on Iran to stop ‘surge’ of juvenile executions
Feb 13, 2018 Comments Off on Iran unveils nuclear ready ballistic missile during military parade that can hit Israel
Mar 16, 2018 Comments Off on Mattis accuses Iran of meddling in Iraq’s elections
Mar 09, 2018 Comments Off on Iranian Woman Protest Mandatory Hijab Sentenced to Two Years in Prison
Feb 27, 2018 Comments Off on Europeans Dig In Against New Iran Sanctions Risking Nuclear Deal
Feb 21, 2018 Comments Off on Clashes Between Police and Sufi Protesters in Iran, Six People Dead, Hundreds Arrested
Mar 16, 2018 Comments Off on Mattis accuses Iran of meddling in Iraq’s electionsMattis accuses Iran of meddling in Iraq’s elections Iran is funnelling money into Iraq to influence the outcome of its elections, the US Defence Secretary James Mattis said, calling it part of a broader pattern of...
Feb 13, 2018 Comments Off on Iran unveils nuclear ready ballistic missile during military parade that can hit IsraelIran unveils nuclear ready ballistic missile during military parade that can hit Israel Iran has unveiled a ballistic missile reportedly capable of carrying nuclear warheads and with a sufficient range to...
Jul 14, 2016 Comments Off on Corps’ one hundred thousand of triggered missiles in Lebanon:An official Israel-threatening by CorpsIran Briefing: Since August 7, 1979, when Ayatollah Khomeini declared the last Friday of Ramadhan as “Quds Day”, the Islamic Republic has always tried to hold an imposing ceremony by using state resources as well as requiring people’s involvement. This year’s Quds march had fundamental...