A State Department security report sent to U.S businesses warns that Iran is “rapidly building cyber warfare capabilities” and may be planning a cyberattack on global critical infrastructure, according to The Washington Free Beacon.
The internal report sent to businesses last week by the Overseas Security Advisory Council concluded that Iran’s offensive cyber capabilities have rapidly evolved, with Tehran now considered a “sophisticated cyber adversary.”
“Iranian hackers have been suspected in multiple incidents that inflicted damage on various entities in the private sector, including finance and energy firms,” according to the five-page report, “Pistachios and Saffron: Investigating the Iranian Cyber Threat,” the Beacon reports.
Four trends have been identified, according to the report: “Retaliation, coordination between cyber and political strategy, increased technical sophistication, and a focus on attacking critical infrastructure.”
Critical infrastructure, according to the Beacon, includes computer networks that control finance, transportation, water, public health, security, telecommunications and electrical grids, the latter perhaps the most critical “because electricity is common to all networks.”
Iran is responsible for targeting its cyberattacks at U.S. government officials involved in nuclear nonproliferation, for the 2012 hacking of the Marine Corps’ Intranet, and a 2014 wiper malware attack on the $14 billion Las Vegas Sands casino network, owned by Sheldon Adelson, a conservative multibillionaire and outspoken supporter of Israel. The State Department linked that attack to critical remarks Adelson had made about Iran.
Tehran is also responsible for a 2012 cyberattack on oil producer Saudi Aramco, an assault that destroyed data on tens of thousands of computers. According to a February piece inThe New York Times, the Saudi Aramco attack “appeared to pave the way for a technically similar strike on Sony last year.”
The National Security Agency document cited by the Times also indicated that the Saudi Aramco attack was a quid pro quo for “a similar cyberattack” against Iran’s oil industry that same year, though the report did not suggest who was responsible for that attack.
Iran was also behind attacks on Israeli communications during the Hamas conflict last summer, according to the Beacon.
The Times reported in February that a recently disclosed NSA document showed that even as Iran and the United States negotiated in Geneva over Tehran’s nuclear capabilities, the countries were both engaged in the use of cyber weapons for the purpose of spying and sabotage.
The Hill reports that a final nuclear deal with Tehran — the deadline is July 1 — could actually “jumpstart” the country’s cyber warfare program.
The easing of economic sanctions as a result of a deal could benefit its growing cyber program.
Tehran might “spare” the U.S. a cyberattack if the nations come to an agreement, according to The Hill, “but they would also gain access to better technology and training, speeding the already rapid pace at which the country is becoming a major cyber power.”
And if the deal doesn’t materialize, Iran will likely “retaliate aggressively against U.S. companies through cyberspace.”
Fred Kagan, a national security scholar at the American Enterprise Institute, told The Hill that either way it’s a frightening proposition for the United States.
“We’re in a lose-lose situation from that standpoint,” said Kagan. “Would you rather have them do that with more resources or fewer?”
View the original content and more from this author here: http://ift.tt/1J9DWKr
from critical infrastructure alliance http://ift.tt/1KZIL88
via IFTTT
No comments:
Post a Comment