Escalating Cyberwar between Iran and US

A newly disclosed National Security Agency document illustrates the striking acceleration of the use of Cyber weapons by the United States and Iran against each other, both for spying and sabotage.
The release comes even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate in the talks over Iran’s disputed nuclear program.

The document, which was written in April 2013 for Gen. Keith B. Alexander, then director of the NSA, described how Iranian officials had discovered new evidence the year before that the United States was preparing computer surveillance or cyberattacks on their networks.
It detailed how the US and Britain had worked together to contain the damage from “Iran’s discovery of computer network exploitation tools” - the building blocks of cyber weapons.
That was more than two years after the Stuxnet worm attack by the US and Israel severely damaged the computer networks at Tehran’s nuclear enrichment plant.
The document, which was first reported by The Intercept, an online publication that grew out of the disclosures by Edward J. Snowden, the former NSA contractor, did not describe the targets.
But for the first time, the surveillance agency acknowledged that its attacks on Iran’s nuclear infrastructure, a George W. Bush administration program, kicked off the cycle of retaliation and escalation that has come to mark the computer competition between the United States and Iran.
The document suggested that even while the high-stakes nuclear negotiations played out in Europe, day-to-day hostilities between the United States and Iran had moved decisively into cyberspace.
A former senior intelligence official who looked at the two-page document said it provided “more evidence of how far behind we are in figuring out how to deter attacks, and how to retaliate when we figured out who was behind them.”
The document declares that American intercepts of voice or computer communications showed that three waves of attacks against US banks that began in August 2012 were launched by Iran “in retaliation to Western activities against Iran’s nuclear sector,” and added that “senior officials in the Iranian government are aware of these attacks.”
The main targets were the websites of Bank of America and JPMorgan Chase. By 2015 standards, those were relatively unsophisticated “denial of service” strikes that flooded the banks with data, so overloading them it was impossible for a time for customers to access their accounts.
More recently, the Obama administration, in an effort to deter attacks, has grown less reticent about naming countries that the administration believes are responsible for such attacks. In May, five members of the Chinese People’s Liberation Army were indicted on a charge of stealing intellectual property from American companies.
And in December, President Barack Obama said he had evidence that North Korea’s leadership was behind an attack on Sony Pictures Entertainment, though he did not provide details. The New York Times later reported that the NSA had gathered the evidence from implants it had placed in North Korean computers beginning in 2010.
http://cyberwar.einnews.com/article/251329595/ArYatoR41ThPBh5J

« FBI Close to Finding Anthem Health Hackers
The Spy Cables: A Glimpse into Espionage »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

Blueskytec (BST)

Blueskytec (BST)

Blueskytec has applied its experience of over three decades of working in the field of embedded systems and encryption to provide a scalable and appropriate technology for cyber-physical devices.

OXO Cybersecurity Lab

OXO Cybersecurity Lab

OXO Cybersecurity Lab is the first dedicated cybersecurity incubator in the Central & Eastern Europe region.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

Censys

Censys

Our customers rely on Censys data to get the global visibility they need of their attack surfaces in order to proactively prevent nation-state attacks and emerging threats.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

Motorola Solutions

Motorola Solutions

Motorola Solutions build mission-critical services, software, video and analytics, backed by secure, resilient land mobile radio communications.

Consistec Engineering & Consulting

Consistec Engineering & Consulting

Consistec Engineering & Consulting GmbH is an information technology and services company offering solutions for monitoring the security of IT and OT infrastructure.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

Protega

Protega

Protega is a company specialized in Managed Cybersecurity Services (MSS) & SOC 24×7; management, risk & compliance (GRC); implementation of data protection technologies; and Red Team services.

Jitterbit

Jitterbit

Jitterbit integrates critical business processes and enables application development to deliver the experiences and insights needed by enterprises of all sizes to accelerate their digital journey.

ITConnexion

ITConnexion

ITConnexion is an Australian-based Managed IT Service with over 20 years of experience. We offer a complete IT management service for non-profits, SMEs, and enterprises.

Mode

Mode

Mode is an out-of-band communication and crisis collaboration platform. One platform to manage your cyber crisis response. Stay connected when it's needed most.

AZCOMP Technologies

AZCOMP Technologies

AZCOMP provide professional network security consulting services as well as network security auditing and assessments.