Security News
Iran repelled a cyberattack on Saturday that disrupted the country's internet services for an hour, a telecommunications ministry official said. "At 11:44 a distributed denial-of-service attack disrupted the internet services of some mobile and fixed operators for an hour," tweeted Sajad Bonabi.
Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan previously associated with Iran-linked threat actors, Recorded Future reports. The researchers were able to identify a PupyRAT command and control server that communicated with a mail server for a European energy sector organization between November 2019 and at least January 5, 2020.
Iran is widely expected to ramp up cyberattacks against the United States in response to the US killing of a top Iranian leader this month even as fears have receded about a military confrontation between the two countries. While Iran appeared to be "Standing down" from a military response, according to US President Donald Trump, the cyber threat remains real, said analysts.
Cybersecurity experts believe Iran will likely also respond with cyberattacks to the recent U.S. airstrike that killed senior Iranian military commander Qassem Soleimani, and while many doubt that Iran has the capability to cause significant damage if these attacks are aimed at critical infrastructure or industrial control systems, organizations have still been advised to prepare for the possibility of being targeted. Iran has responded to Soleimani's killing by firing ballistic missiles at two Iraqi bases housing U.S. troop, but Tehran could take other actions as well, including in cyberspace.
TEHRAN, Iran - Iran struck back at the United States for the killing of a top Iranian general early Wednesday, firing a series of ballistic missiles at two Iraqi bases housing U.S. troops in a major escalation that brought the two longtime foes closer to war. Iran's Revolutionary Guard warned the U.S. and its regional allies against retaliating over the missile attack against the Ain al-Asad air base in Iraq's western Anbar province.
With tensions soaring between America and Iran following the drone strike that killed top Persian general Qassem Soleimani, experts are weighing in on what the US could face should the Mid-East nation fully mobilize its cyber resources. "Iran maintains a robust cyber program and can execute cyber attacks against the United States," Uncle Sam warned.
Following the killing of Iran's Major General Qasem Soleimani in a U.S. drone strike in Baghdad late last week, security experts have warned of possible retaliatory cyber strikes. Kellermann, head of cybersecurity strategy at VMware, is the former CEO at Strategic Cyber Ventures.
UPDATE. A U.S. government website was vandalized late Saturday by hackers who posted images of a bloodied President Donald Trump being punched in the face and pro-Iran messages. The hackers, who struck as tensions between the U.S. and Iran heat up, claimed to be "Iran cyber security group hackers," however, there's no evidence to confirm any attribution to Iran at the moment, according to the Department of Homeland Security.
Breaking into a website, or seizing its domain name and redirecting the domain, is rarely a long-lasting attack, but it usually causes embarrassment, and, at a technical level, highlights gaps in website security. Iran's online attack capabilities are well developed, and using hack attacks avoids bullet-and-missile exchanges against the U.S., with many experts noting that Iran would be unlikely to win such a fight.
While the notice did not mention any specific threat against the U.S., it did note that "Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States." Tom Kellermann, the head of cybersecurity strategy at VMware, who served as a cybersecurity adviser to the Obama administration, says that a retaliatory cyber strike by Iran is almost assured.