US On Alert For Cyberattacks Supported By Iranian Gov’t
Following the recent assassination of Iran’s top military officer, Qassem Soleimani, the US has shored up its cyber security, and has been on high alert for any form of retaliation from Iran, even from third-party hackers and cyberterrorists that the country might be quietly backing.
Experts in the US are warning about potential assaults on key IT systems in the US, alongside disinformation efforts, which they say might be focused on disrupting key cyber-infrastructure, like municipal, corporate, or government IT systems, to logistics, transport, healthcare, and even US military installations.
FireEye, a cyber security firm, and thinktank Atlantic Council noted that there’s already evidence showing that Iran has increased their use of fake social media in order to spread pro-Iran propaganda following the killing of Soleimani in Baghdad.
FireEye Director of Intelligence John Hutquist says that the intention would be to tell the American people that they can be reached; that they can be attacked. He says that it’s probably past Iran to tear the whole grid down, but attacks that can wipe IT systems clean is within their capabilities, which they can use to cause serious damage.
Before President Obama’s Iran Nuclear Deal, Tehran had been working on its cyber capabilities, having been linked to attacks on US banks which happened around 2011 and 2012. Experts note that the Iranian government isn’t as active as Russia and China in cyberwarfare, but Zerofox’s Zack Allen says that hacker groups like APT33, Charming Kitten, have been connected to the country in the past. During that same period, the US Treasury also implemented sanctions on several Iranian companies associated with the state and military for cyberattacks.
Experts say that the nuclear agreement led to the attacks dying down, but with the recent assassination, tensions have flared up and cyberattacks might be on the way, hence why US cyber security experts are warning people to be ready.
US Department of Homeland Security Cyber Division Director Chris Krebs says that now is the time to learn of Iranian’s tactics, techniques, and procedures, as well as keeping a close track of critical systems. He notes that companies and entities should always know who has third-party access to their IT systems, with cities and hospitals needing particular vigilance, as they’re what he calls, ‘soft targets’.