19 December 2019

How Iran’s Cyberattack Claims Aim To Establish A Powerful Cyber Warfare Player

Kate O'Flaherty
Source Link

Iran is claiming it has thwarted a cyberattack on government servers, just days after allegedly foiling another cyber assault on its electronic infrastructure. According to Iranian state media, the country is investigating following the latest cyberattack on December 15, which it claims was perpetrated by a foreign state actor to obtain government information. 

Iran’s minister of communications and information technology, Mohammad Javad Azari Jahromi, said via Twitter that the cyberattack had been detected and thwarted by Iran’s so called “security shield.”

He claimed that "spying servers were identified and the hackers were also tracked.”

Speaking about last week’s attack, Jahromi said Iran’s electronic infrastructure had been targeted but did not give further details, other than to confirm a report would be released. Just one day earlier, he denied reports that hacking operations were targeting Iranian banks. 


The cyberattack claims come two months after Iran was blamed for physical attacks on Saudi oil refineries. Meanwhile, in June, the U.S. launched a cyber assault on Iranian military systems. 

But perhaps the most famous attack on Iran is the now infamous Stuxnet, thought to have been perpetrated by the U.S. and Israel, which caused substantial damage to Iran’s nuclear program.

Iran: A powerful cyber warfare player 

Of course, it’s part of a much bigger picture: Iran’s cyberattack claims come at a time when global cyber warfare rages on. Last month, it emerged that Iranian hackers are evolving their focus, targeting the so-called industrial control systems used by power grids, manufacturing and oil refineries. 

Iran is “still smarting” after the Stuxnet attack in 2010, says Philip Ingram MBE, a former colonel in British military intelligence. He says three major players would want to target Iran–the U.S., Saudi Arabia and Israel. 

“Saudi Arabia is in a bloody proxy war with Iran in Yemen and has a score to settle after Iran’s cyber-attack on Saudi Aramco in 2012 and then the Iranian enabled drone attacks on the Saudi Oil infrastructure in September this year.”

Meanwhile, says Ingram: “Israel is always watching Iranian developments across the region and has a strong offensive cyber capability alongside its mutual mistrust of anything Iranian. Israel would be in a position to carry out attacks as a proxy for the U.S. and Saudi Arabia so that potential can’t be ruled out.”

And as tensions with the U.S. continue to escalate, Iran is certainly making an effort to demonstrate its cyber capabilities. “Iran is being undermined by all sorts of internal and external forces,” says CompTIA global faculty member Ian Thornton-Trump. “In a sense, Iran needs to find ‘positive news stories’ to show domestic audiences it is strong and in control.”

At the same time, he points out: “Externally Iran needs to appear powerful to its allies and I think it's fair to say Iran has to be a ‘strong ally’ to a fairly small group of distasteful regional actors. Anything that comes across as superior in terms of cyber fulfils both a local and regional political objective.”

“Iran is being more open about the attacks as it wants to use them to justify a continuing aggressive stance in the region–and to send the message that it hasn’t been damaged by them,” says Ingram. “How much damage and disruption has really been caused is very difficult to assess accurately, but Stuxnet was very successful.”

No comments: