As the current situation between the US and Iran is unpleasant, with Iran’s take on hacking US government site will potentially ignite the cyberwar which can even worsen the situation further. Reportedly, a hacking group has recently hacked a US government website. The group claimed to work for the Iranian government.
The hack targeted the US Federal Depository Library Program. It has been claimed by those behind it to be a revenge attack for a drone strike in Iraq that took place on January 3, 2020. The strike killed Iranian Major General Qassem Soleimani.
The hackers left a note on the website saying “This is a message from the Islamic Republic of Iran. We will not stop supporting our friends in the regions, the oppressed people of Palestine, the oppressed people of Yemen, the people, and the Syrian government, the people and government of Iraq, the oppressed people of Bahrain, the true mujahideen resistance in Lebanon and Palestine… This is only a small part of Iran’s cyber ability. We’re always ready. To be continued.”
Moreover, the cyber breach was confirmed by the US Department of Homeland Security Cybersecurity and Infrastructure Agency. The agency added published a statement on Saturday, January 4, 2020, saying, “At this time there is no specific, credible threat against the homeland. The Department issued this bulletin to inform, share protective measures, and reassure the American public, state and local governments, and private sector partners that the Department of Homeland Security is actively monitoring and preparing for any specific, credible threat, should one arise”
After the drone strike, Iran vowed to retaliate for it and cyberwarfare is considered as a way the Islamic republic is expected to take. As the Financial Times reported that both the US public and private sectors are on high alert, the threat is considered is harmful and real as well. As noted by Silicon Angle, the US government officials can expect attacks to be focused on disrupting anything from corporate and municipal information technology systems to transit, logistics, healthcare or U.S military facilities.
What Experts Think About the Potential Cyberwar?
Hank Thomas, chief executive officer at venture capital firm Strategic Cyber Ventures said, “Iran will retaliate. There is no doubt about this. However, they will be looking for a way to appear both powerful and credible militarily at this pivotal point, without appearing to be a regional bully that traditionally relies on two-bit terrorist actions because they lack a robust advanced military response capability that could challenge the U.S. head-on.”
He further added that “showing off their offensive cyber capabilities and the reach it provides them beyond the region could very well be a part of their most likely course of action. A most dangerous course of action includes a combination of cyber and kinetic strikes both inside the region and beyond.”
Moreover, noted by Silicon Angle, according to Chris Morales, head of security analytics at cybersecurity firm Vectra AI Inc., Iran identified cyberwar capabilities as part of its attack strategy a decade ago and has gradually been building up capabilities since the country’s nuclear centrifuges were hit by the Stuxnet virus in 2010.
He said, “Cyber offensive actions have been ongoing and instigated by both sides through that time period. Iran is not as sophisticated in its cyber capabilities as it primarily leverages black market malware as opposed to the customer built malware used by U.S. and Israel cyber command. I do think Iran would prompt a cyberstrike, but they also would measure that response with the threat they know they face from a US ongoing offensive.”
Rick Holland, chief information security officer and vice president of strategy at digital risk protection firm Digital Shadows Ltd., affirmed that Iran is not the minnow some suggest. He added, “Iran’s offensive cyber capabilities have grown significantly since the 2012 days of banking sector denial of service attacks and Saudi Aramco/Shamoon destructive malware. In 2019, both the US and UK governments released multiple public alerts regarding Iranian cybersecurity threats… That’s likely to escalate as a result of Soleimani’s death.”
Additionally, Holland said, “The good news for defenders is security controls like multi-factor authentication can mitigate against account takeover attempts. Email security controls like ‘defanging’ email attachments by creating PDFs of them can mitigate malicious attachments in spear-phishing emails. Up-to-date anti-malware protection can help reduce the risks of wiper malware. The benefit of these controls is that they protect against a multitude of threats, not just Iranian attackers.”