Immediately after the United States assassinated Iranian Maj. Gen. Qassim Suleimani, the leader of Iran, Ayatollah Ali Khamenei, warned the world of an impending Iranian retaliation. Experts suspect that the country will likely respond with a cyber warfare campaign rather than traditional warfare efforts. SecureCircle recommends that all organizations assets and strengthen their cyber defenses to protect sensitive data and secure intellectual property in preparation for an Iranian cyber-attack.
What U.S. organizations can expect from an Iranian cyber attack
Iran has spent years developing its cyber warfare capabilities. In late-2011, Iran invested at least $1 billion in cyber technology, infrastructure and expertise.In March 2012, the Islamic Revolutionary Guard Corps (IRGC), a branch of the country’s military, claimed it had recruited around 120,000 personnel over a three-year period to combat "a soft cyber war against Iran."
In 2013, a general in the IRGC stated that Iran had "the fourth biggest cyber power among the world's cyber armies.” The Institute for National Security Studies confirmed Iran’s cyber security strength in 2014, identifying the country as "one of the most active players in the international cyber arena."
The impacts of Iran’s investment in cyber warfare soon became apparent worldwide. In 2017, The Conversation reported the United States had indicted seven Iranian hackers for working on behalf of the IRGC to conduct attacks against major American banks. These attacks, which may have been retaliation for “economic sanctions that had been imposed on Iran or the Stuxnet cyber attack on Iran’s centrifuges,” purportedly resulted in the loss of tens of millions of dollars.
The U.S. financial sector isn’t the only victim. Vice reported that “Tehran's state-backed hackers have targeted banks, casinos, the city of Atlanta, and a dam just outside New York as part of its campaign of cyber attacks against U.S. targets."
How to defend against cyber warfare
Experts expect that Iran will lash out at any mark with the intent to disrupt the world economy and steal intellectual property. In the past, Iran has been identified as being involved in attacks against Las Vegas Sands Corp., Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC. The upcoming cyber attack may target U.S. companies in key sectors (not just the financial sector), the U.S. government and American allies.
Businesses from the United States and around the world should evaluate their current cyber defenses and shore up any gaps before they become a target of retaliation.Future attacks most likely will aim to cripple systems and steal data. Most organizations have policies, processes, and technologies to detect and remediate when systems are running sub-optimally, but many have historically lagged in protecting data from everyday cyber attacks, let alone advanced attacks.
Organizations need to focus on new strategies to thwart Iran and similar combatants.Detecting and preventing intrusion or traditional data protection is not enough; preventing next-generation attacks requires next-generation technologies that provide persistent protection in addition to visibility. To ensure that organizations remain productive, this persistent protection must not impede business.
In our opinion, a robust protection strategy that can defend against modern Iranian attacks, malicious insiders or any data breach include protection that is:
Review your organization’s policies, programs and people for preparedness against potential data breaches arising from Iran or other malicious parties. Then, contact us for a customized technology audit of your organization.
Review your organization’s policies, programs and people for preparedness against potential data breaches arising from Iran or other malicious parties. Then, contact us fora customized technology audit of your organization.