An Iranian Hacker Confesses

Uploaded on 2018-05-25 in NEWS-News Analysis, INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Government agencies and security experts are concerned that retaliatory cyberattacks against the Western world are highly likely after President Trump's 8th May announcement that the United States would abandon the Iran nuclear deal.

Given that the Islamic Republic of Iran commonly responds to sanctions with offensive cyber campaigns, understanding the hierarchy of Iran's hackers offers insight into how to best defend against the looming prospect of risk.

The Insikt Group, a threat research team that is part of Recorded Future community, has released new research on cyber-activity in Iran.

The information was garnered through interviews with a former Iranian hacker, who started one of Iran's first security forums. 

"Judging from historical patterns, the businesses likely to be at greatest risk are in many of the same sectors that were victimised by Iranian cyber-attacks between 2012 and 2014 and include banks and financial services, government departments, critical infrastructure providers, and oil and energy," wrote Levi Gundert, VP of threat intelligence at Recorded Future.

Iranian cyber-operations have long been administered through a tiered approach, using a trusted group of middle managers to translate intelligence priorities into segmented cyber-tasks. Those tasks are then bid out to multiple contractors, a system that pits contractors against each other for influence with the Iranian government. In addition, the Insikt Group analysed web traffic across prestigious academic institutions to find several activities of concern emanating from various registered ranges. 

These include allocated IP spaces of Iran's Cyberspace Research Institute, the Imam Hossein Comprehensive University and the Mabna Institute, which was publicly identified in an FBI indictment (pictured) as a front company engaged in hostile state-sponsored cyber-espionage.

Iran has a unique dynamic between trust and skill in selecting contractors to work for the Islamic Republic in accomplishing its offensive cyber-campaigns. 

However, "We believe that contractor selection for this response may favor speed and skill over trust and loyalty, resulting in the use of new or unproven contractors," said Gundert. 

"New or unproven contractor’s actions could result in a destructive attack with potentially wider impact than originally envisioned by the Iranian government."

"American businesses should be aware of Iran’s history and the likely response that these economic sanctions will trigger. Specifically, the financial services and energy industries should be preparing for the Iranian government’s response," said Gundert.

Infosecurity Magazine

You Might Also Read: 

Iran Likely To Retaliate With Cyberattacks:

Iranian Hackers Have Infiltrated US Infrastructure:


 

 

« Is the Pentagon Cloud Secure Enough to Hold Nuclear Secrets?
Preventing Another Wannacry »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

Be Cyber Aware At Sea

Be Cyber Aware At Sea

Be Cyber Aware At Sea is a global maritime and offshore industry initiative to raise awareness and educate crew members and the offshore workforce.

Pixalate

Pixalate

Pixalate is an omni-channel fraud intelligence company that works with brands and platforms to prevent invalid traffic and improve ad inventory quality.

ByteLife Solutions

ByteLife Solutions

ByteLife Solutions specialises in the provision of IT infrastructure services and solutions, including cybersecurity.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

Cyber Security Africa

Cyber Security Africa

Cyber Security Africa is a full-service Information Security Consulting firm offering a comprehensive range of Services and Products to help organizations protect their valuable assets.

Elron Ventures

Elron Ventures

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are enterprise software, cybersecurity, and healthcare.

Avertium

Avertium

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity.

Cyber Range Solutions (CRS)

Cyber Range Solutions (CRS)

CRS provides cyber security training and improve security team performance by providing a hyper realistic, virtual training environment.

Moviri

Moviri

Moviri combines security technology engineering, intelligence expertise and our data science DNA to help companies manage digital risk end-to-end.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

European Union Agency for Network and Information Security (ENISA)

European Union Agency for Network and Information Security (ENISA)

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.

LetsData

LetsData

LetsData uses AI to provide governments, intergovernmental organizations, civil society, and businesses with data-empowered decisions on communication in the age of online disinformation.

Zeus Cloud

Zeus Cloud

Zeus Cloud provide clients with world-class web hosting services to businesses both big and small.