As tensions between Iran and the US peak, the US has begun launching cyber attacks against Iran. A US official and a former US intelligence official, confirmed the attacks against the Iranian hacker group. According to them, the attack was launched by the U.S Cyber Command (USCC). This retaliation comes after the group was found attacking US systems, two US oil tankers. The US also attacked the Iranian military command and control systems. Additionally, the cyber attacks were approved by the President last week, hitting the Iranian Intel network.
Yahoo News was the first to report the strike against the spy group, APT33. This hacker group has close ties with the Iranian government. They have also been behind recent attacks on military and civilian ships passing in the Strait of Hormuz. Further, the source also told them that Iran has increased its cyber activity against some Gulf countries like the United Arab Emirates, Bahrain, and US targets.
Before the attack, several U.S based cyber intelligence firms also reported multiple attempts by Iranian hackers trying get into U.S systems. The firms found that the group was attempting to attack public and private firms in the U.S using spearphishing techniques. The New York Times, reported that the attack was planned several weeks in advance, as an reaction to the attack on oil tankers and the US drone.
Chris Krebs, Director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released a statement saying:
“Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”
The U.S has not confirmed these attacks. However, a spokesman for the Pentagon stated on the matter saying,
“as a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning.”
According to The Washington Post the attack was ‘crippling to Iran’s military command and control systems’ and did not result in loss of life. It is likely that the attacks did not hit the Iranian government very hard. Additionally, neither the US nor the Iranian government have confirmed the attacks. However, a popular new outlet in Iran, Fars News Agency, did state that reports of the attack are a:
“bluff meant to affect public opinion and regain lost reputation for the White House.”
Security experts are concerned, that this attack can lead to damaging effects resulting in more conflict. There has already been an increase in cyber attacks on US systems. Further, some experts believe that Iran will retaliate by hitting soft targets in an attempt to increase their advantage. Tensions between the two countries are expected to rise as they continue to attack each other.
Contact LIFARS immediately if your organization was attacked