An Iranian Hacker Confesses

Uploaded on 2018-05-25 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Government agencies and security experts are concerned that retaliatory cyberattacks against the Western world are highly likely after President Trump's 8th May announcement that the United States would abandon the Iran nuclear deal.

Given that the Islamic Republic of Iran commonly responds to sanctions with offensive cyber campaigns, understanding the hierarchy of Iran's hackers offers insight into how to best defend against the looming prospect of risk.

The Insikt Group, a threat research team that is part of Recorded Future community, has released new research on cyber-activity in Iran.

The information was garnered through interviews with a former Iranian hacker, who started one of Iran's first security forums. 

"Judging from historical patterns, the businesses likely to be at greatest risk are in many of the same sectors that were victimised by Iranian cyber-attacks between 2012 and 2014 and include banks and financial services, government departments, critical infrastructure providers, and oil and energy," wrote Levi Gundert, VP of threat intelligence at Recorded Future.

Iranian cyber-operations have long been administered through a tiered approach, using a trusted group of middle managers to translate intelligence priorities into segmented cyber-tasks. Those tasks are then bid out to multiple contractors, a system that pits contractors against each other for influence with the Iranian government. In addition, the Insikt Group analysed web traffic across prestigious academic institutions to find several activities of concern emanating from various registered ranges. 

These include allocated IP spaces of Iran's Cyberspace Research Institute, the Imam Hossein Comprehensive University and the Mabna Institute, which was publicly identified in an FBI indictment (pictured) as a front company engaged in hostile state-sponsored cyber-espionage.

Iran has a unique dynamic between trust and skill in selecting contractors to work for the Islamic Republic in accomplishing its offensive cyber-campaigns. 

However, "We believe that contractor selection for this response may favor speed and skill over trust and loyalty, resulting in the use of new or unproven contractors," said Gundert. 

"New or unproven contractor’s actions could result in a destructive attack with potentially wider impact than originally envisioned by the Iranian government."

"American businesses should be aware of Iran’s history and the likely response that these economic sanctions will trigger. Specifically, the financial services and energy industries should be preparing for the Iranian government’s response," said Gundert.

Infosecurity Magazine

You Might Also Read: 

Iran Likely To Retaliate With Cyberattacks:

Iranian Hackers Have Infiltrated US Infrastructure:


 

 

« Is the Pentagon Cloud Secure Enough to Hold Nuclear Secrets?
Preventing Another Wannacry »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Protiviti

Protiviti

Protiviti consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.

Fair Isaac Corporation (FICO)

Fair Isaac Corporation (FICO)

FICO provides analytics software and tools used across multiple industries to manage risk, fight fraud, optimize operations and meet strict government regulations.

Dermalog Identification Systems

Dermalog Identification Systems

Dermalog Identification Systems is a pioneer in biometry and the largest German manufacturer of biometric devices and systems.

Cyber Security Education

Cyber Security Education

CybersecurityEducation.org is an online directory of cyber security education and careers.

Fend

Fend

Fend secures smart infrastructure. We provide a robust, highly secure way to have situational awareness of IoT enabled assets.

Lumu Technologies

Lumu Technologies

Lumu is a cybersecurity company that illuminates threats and attacks affecting enterprises worldwide.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

Ping Identity

Ping Identity

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. That’s digital freedom.

Seedcamp

Seedcamp

Seedcamp identify and invest early in world-class founders attacking large and global markets through disruptive technology in areas including AI, cybersecurity, and Fintech.

Keytos

Keytos

Keytos has revolutionized the Identity Management and PKI industry by creating cryptographic tools that allow you to go password-less by making security transparent to the user.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

Razilio

Razilio

Razilio is a boutique cybersecurity consultancy located in Sydney, Australia and serving the world.

Blackwire Labs

Blackwire Labs

Blackwire.ai is the first multidisciplinary cybersecurity advisor, powered by AI and trained by cybersecurity experts to enhance your team's capabilities and improve resilience.