Security News > 2020 > January > Threat Posed by Iran to Industrial Systems After Killing of Top General
Cybersecurity experts believe Iran will likely also respond with cyberattacks to the recent U.S. airstrike that killed senior Iranian military commander Qassem Soleimani, and while many doubt that Iran has the capability to cause significant damage if these attacks are aimed at critical infrastructure or industrial control systems, organizations have still been advised to prepare for the possibility of being targeted.
Iran has responded to Soleimani's killing by firing ballistic missiles at two Iraqi bases housing U.S. troop, but Tehran could take other actions as well, including in cyberspace.
"Dragos has warned industrial asset owners and operators worldwide, particularly in the Middle East and North America, to monitor their environments carefully for threat behaviors and review response plans. Our biggest concern is that this conflict will lead to disruption or destruction of civilian critical infrastructure possibly affecting lives and livelihoods. It is not possible to know if, when, or where Iran, the US, or others may employ cyber effects as part of their operations, but as tensions rise the likelihood of a cyber attack increases."
"Our position is that owners and operators should remain vigilant given the recent events. Heightened threat activity against ICS/OT networks often correlates with geopolitical volatility and it's certainly plausible that Iran would retaliate against critical infrastructure. At the same time, I'd caution against alarmist reports that place high levels of confidence in a retaliatory cyber attack. From a technical perspective, companies should be sure to monitor their ICS connections, particularly as it relates to third-parties and other remote connections based on historical publications of Iranian TTPs.".
"Iran has shown a demonstrated ability and propensity to go after heavy industry. Any organization with substantial ICS infrastructure should be on high alert now for potential attacks. Heavy industry, oil and gas, electrical generation and the attached grid infrastructure, as well as other critical infrastructure are all caught in the crosshairs as of this moment. At the same time, Iran may not target the ICS and SCADA systems directly: they may go after the more traditional IT infrastructure being used by these companies."