US Cyber Attack On Iran

Mistrust and hostilities between Iran and the US are increasing with the attacks on drones, shipping and cyber hacking and the countries are certainly getting closer to outright war. Tensions between Iran and the US have increased since the United States came out of the Nuclear Agreement between Iran and global powers and now Iran says it will breach, on 27 June, the limit on its stockpile of enriched uranium that was set in the Nuclear Agreement of 2015. 

Now Iran has recently said it had exposed a large cyber espionage network it alleged was run by the US Central Intelligence Agency (CIA), and that several US spies had been arrested in different countries as the result of this action. Security analysts say that Iran has used hackers to send phishing emails to a series of US targets. 

US-Iran tensions are growing following accusations by US President Donald Trump’s administration that Tehran attacked two oil tankers in the Gulf of Oman, a vital oil shipping route and the taking down of a US drone. 

Now US Cyber Command has launched a reciprocal digital strike against an Iranian spy group that supported the recent limpet mine attacks on commercial ships, according to two former intelligence officials who were interviewed by some of the US press.

The United States has also deployed a carrier strike group and bombers to the and announced plans to deploy 1,500 troops to the Middle East, prompting fears of a conflict. 

The Iranian group, which has ties to the Iranian Revolutionary Guard Corps, has over the past several years digitally tracked and targeted military and civilian ships passing through the economically important Strait of Hormuz, through which pass 17.4 million barrels of oil per day. Those capabilities, which have advanced over time, enabled attacks on vessels in the region for several years.

Though sources did not provide any further details of the retaliatory cyber operation, the response highlights how the Persian Gulf has become a staging ground for escalating digital, as well as conventional, conflict, with both the United States and Iran trying to get the upper hand with cyber capabilities.

The retaliatory cyber response follows several weeks of mounting tension in the region, which appeared set to boil over after last week’s attacks on two oil tankers in the Gulf. 

US officials blamed Iran for the attacks and threatened to strike back if US interests in the region were harmed. Then, on Thursday 20th June, Iranians shot down a $240 million US military drone.In response, President Trump initially authorised, but then decided against, targeted military strikes. His tweets on Friday morning said that he pulled back before any missiles were launched when he learned 150 Iranians might die.

Meanwhile, multiple private US cyber intelligence firms have reported attempts by Iranian hackers in recent weeks to infiltrate American organisations. US officials have said they fear heightened escalations not only in physical space but in cyberspace as well.

The National Security Council declined to comment on the Iranian cyber group or the US Cyber Command response. 
Iran’s cyber capabilities are not the most sophisticated, at least compared to the United States’, but they are getting better. 
Tehran’s ability to gather information and unleash offensive operations has developed significantly in the last decade or so, particularly after Iranian centrifuges at the Natanz uranium enrichment plant were struck by a malicious computer worm created by US and Israeli intelligence and first revealed in 2010. 

In 2010, the so-called Stuxnet virus disrupted the operation of thousands of centrifuges at a uranium enrichment facility in Iran. Iran accused the US and Israel of trying to undermine its nuclear program through covert operations.

“After the Stuxnet event, Iran really cranked up its capability,” said Gary Brown, who served as the first senior legal counsel for US Cyber Command and is currently a professor on cyber law at the National Defense University. Brown cited Iran’s cyber-attacks on global financial institutions, Saudi Aramco and the Sands Casino. 

Yahoo:         CBS:         Reuters:

You Might Also Read:

Iranian Cyber-Espionage Exposed:

US Under Attack By Chinese & Iranian Hackers:

 

« British Police Forensics Attacked
SMEs Need A Disaster Recovery Plan »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Omerta

Omerta

Omerta is a global security technology and services company. We advise, consult, design, build, mitigate, protect, manage, provide and train to protect from increasing cyber threats.

FlashRouters

FlashRouters

FlashRouters offers DD-WRT compatible router models with improved performance, privacy/security options, and advanced functionality.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

Mitol PerfectBackup

Mitol PerfectBackup

Mitol PerfectBackup provide Enterprise Online Backup, Disaster Recovery and Cloud Computing Services.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

AKATI Sekurity

AKATI Sekurity

AKATI Sekurity is a security-focused consulting firm providing services specializing in Information Security and Information Forensics.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Nextgen Group

Nextgen Group

Nextgen Group is a pioneering technology services group with innovative and unique services across enterprise software, cloud, data management, and cybersecurity solutions.

Centre for Cyber Security Research & Innovation

Centre for Cyber Security Research & Innovation

The Centre for Cyber Security Research & Innovation is Nepal's First Academic Research Institute to focus on understanding the overall Information Security of Nepalese Organizations.

BluSapphire

BluSapphire

BluSapphire is an industry-first, purpose-built, cloud-native, Hybrid XDR platform powered by AI and big data analytics.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.

Reasonable Risk

Reasonable Risk

Reasonable Risk is the only SaaS GRC platform with Duty of Care Risk Analysis (DoCRA) built in, providing a sensible and defensible cybersecurity position for an organization.

OmniSecuritas Technologies

OmniSecuritas Technologies

Omnisecuritas assists businesses in maintaining secure and resilient operations by providing comprehensive, affordable, turnkey cybersecurity products and services to businesses of all sizes.