Story image

Cyberattacks imminent for Western businesses due to Trump’s actions

10 May 18

There are to be some serious cybercrime implications following on from Trump’s scandalous announcement that the US would not renew the waivers on sanctions against Iran.

That’s according to a report from Recorded Future that was published today that analysed the Iran cyberthreat.

Recorded Future director of strategic threat development Priscilla Moriuchi says President Trump’s actions have placed American businesses at increased risk for retaliatory and destructive cyberattacks by the Islamic Republic.

“We assess that within months, if not sooner, American companies in the financial, critical infrastructure, oil, and energy sectors will likely face aggressive and destructive cyber attacks by Iranian state-sponsored actors,” says Moriuchi.

“Further, our research indicates that because of the need for a quick response, the Islamic Republic may utilise contractors that are less politically and ideologically reliable (and trusted) and as a result, could be more difficult to control. It is possible that this dynamic could limit the ability of the government to control the scope and scale of these destructive attacks once they are unleashed."

The report states that since at least 2009 the Islamic Republic has regularly responded to sanctions or perceived provocations by conducting offensive cyber campaigns.

According to Recorded Future, the Islamic Republic has traditionally preferred to use proxies or front organisations both in physical conflict and cyberattacks to achieve their policy goals.

Iran faces the prospect of negative economic impact as instead of renewing the waivers on sanctions against the nation, the US will impose additional economic penalties, the combinations of which amounts to a de facto US withdrawal from the 2015 Joint Comprehensive Plan of Action (JCPOA) that is commonly referred to as the ‘Iran nuclear deal’.

“We assess, based on Iran’s previous reactions to economic pressure, that with President Trump’s exit from the JCPOA, Iran is likely to respond by launching cyberattacks on Western businesses within months, if not faster,” the report states.

“Judging from historical patterns, the businesses likely to be at greatest risk are in many of the same sectors that were victimised by Iranian cyberattacks between 2012 and 2014 and include banks and financial services, government departments, critical infrastructure providers, and oil and energy.”

Some of the key judgements from the report include:

  • Due to needing to act quickly, Iranian cyber response will be staffed and executed by capable, but less trusted contractors, resulting in the Islamic Republic possibly having difficulty controlling the scope and scale of the destructive cyberattacks once they have begun. 

  • The Islamic Republic operates with embedded paranoia, where ultimately, no one can be trusted.
  • Iranian cyber operations are administered via a tiered approach, where an ideologically and politically trusted group of middle managers translate intelligence priorities into segmented cyber tasks which are then bid out to multiple contractors.
  • Based on Recorded Future’s source’s conversations with other hackers in Iran, there are over 50 estimated contractors vying for Iranian government-sponsored offensive cyber projects.
  • According to Insikt Group’s source, to find and retain the best offensive cyber talent, Iranian government contractors are forced to mine closed-trust communities.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.