Hacking battles between Iran and its enemies raise fears of broader cyber warfare


  • Omid Khazani and Nabih Bulos / Los Angeles Times (TNS)
    TEHRAN, Iran - At the beginning of December, Iran’s top universities were suspended for four days. The web conferencing software used for COVID-restricted classes did not work. Faculty and students did not have access to their records.

    This is the latest round of low-level but escalating cyber hostility between Iran and its adversaries, especially Israel, which have been exchanging intense hacks in a protracted shadow campaign of mutual destabilization. However, according to experts, the blow to the University of Tehran and other such incidents mark a shift from the usual attacks on military and nuclear sites toward full-scale cyber warfare against civilian infrastructure.

    “This is an important difference in cyber conflicts, affecting the general public and also the private sector,” said John Hultquist, vice president of intelligence analytics for US cybersecurity firm Mandiant. “It’s not about military objectives …. In many of these cases, the government is often not the audience.”
    The expansion of the cyber battlefield in the Middle East comes because Iran has become good at defending its controversial nuclear program, said Maysam Behravesh, a researcher at the Clingendael Institute in the Netherlands. From 2008 to 2010, he was an intelligence analyst and foreign policy adviser to the Ministry of Information Security of Iran.

    “Iran’s nuclear facilities have spread nationwide, making attacks on the program much more complex, and Israel has a new approach: a large-scale cyberattack on sensitive civilian targets such as dams, gas stations, and electricity, a plan to arouse national anxiety with the aim of overthrowing the administration or putting the ruler in endless daily anxiety,” Behravesh said.

    In addition to the attack on the University of Tehran earlier this month, Mahan Airlines, Iran’s second largest airline, was hacked and lost access to its website in November. A large-scale hack in October paralyzed pumps at 4,300 gas stations nationwide. In August, a hacking group called Edalate Ali (Ali’s Justice) released security video from an Iranian prison showing guards beating prisoners. In July, a hack brought the railroad system to a halt. Another group, Tapandegan, attacked airports in big cities and towns.

    And that is only a partial list of the incidents the state has acknowledged. Tehran attributes them primarily to Israel and does not always provide evidence to support the allegations. After the attack on the gas stations, new hardline President Ebrahim Raisi called for “serious preparations in the field of cyberwarfare,” state media reported.

    Meanwhile, Iran has counterattacked with its own attacks, Israeli and US officials and experts claim. This month, Tel Aviv cybersecurity company Check Point said many Israeli companies were targeted by an Iran-related hacking group called Charming Kitten.
    Earlier this month, the Symantec Threat Hunter team also said that a group whose “targeting and tactics are in line with Iran-sponsored actors” had conducted a month-long attack campaign against carriers, IT services companies and utilities in Israel, Jordan, Kuwait, Saudi Arabia, the United Arab Emirates, Pakistan and other countries. In November, US, UK and Australian authorities warned that Iran-sponsored attackers exploited software vulnerabilities to carry out ransomware attacks. Earlier this year, Facebook announced that the Iran-affiliated group Tortoiseshell had extracted information from targets by creating fake online personas and contacting U.S. soldiers and employees of U.S. and European defense companies to send them malware.

    Also in November, Fars News Agency, an agency run by Iran’s acclaimed Islamic Revolutionary Guard Corps, “doxxed” an Israeli cybersecurity specialist focused on Iran. This happened after an attack by a group called Black Shadow, which released a large amount of personal data from the Israeli LGBTQ website Atraf.

    The attacks have spurred a parallel race to close vulnerabilities. On Saturday, the Israeli army announced that its joint cyber defense department had joined the US cyber army for exercises last week. It was the sixth joint exercise this year. Earlier this month, Israel conducted Collective Strength, a simulation of a large-scale cyberattack on financial markets involving tax authorities from countries such as the United States, Israel, the United Arab Emirates, and the United Kingdom.

    Iran’s relative international isolation offers few opportunities for such partnerships. U.S.-led sanctions make the country particularly vulnerable to attacks: Iranians are unable to update software against new security threats and have been forced to rely on pirated, cracked, or older versions of software. For example, the attack on the University of Tehran paralyzed an older version of Adobe Connect, a web conferencing software suite.
    For several days, faculty and students switched to BigBlueButton, a free web conferencing system whose code is open source, meaning it is available to anyone who wants to change the code to fix a vulnerability.

    The sanctions also mean that Iran lacks the resources to fend off attacks at the national level, particularly when faced with a much more sophisticated enemy that can find so-called zero-days: coding errors in a program that are unknown to the software’s manufacturer and can be used to break into a system.

    “We need a large, scalable organization that can fulfill all of these potential goals, down to the network level,” says Hultquist. “It’s already a difficult battle, and if you’re short on resources, you’ll find that you’re with an easily accessible enemy.”

    At the same time, the impact of the attacks is less than it would be in a country like the United States, because Iran’s national institutions and private enterprises rely less on technology and advanced systems.

    This has pushed Iran to focus on the offensive side of cyber warfare. Instead of custom-made malware like Stuxnet, a sophisticated computer worm developed by the United States and Israel that destroyed Iran’s nuclear system in 2010, Iran’s hackers have deployed publicly available malware and cracked versions of legitimate remote management and security assessment tools, such as Cobalt Strike, a threat emulation tool.

    And there is no shortage of cyber warriors. The Revolutionary Guard Corps regularly recruits people skilled in data mining, network intrusion, and hacking from educational institutions such as Imam Hossein University. There, scholars join the Guard after graduation once they pass an ideological interview and vetting. Those admitted are not allowed to work in the private sector or abroad, but receive a higher salary to make up for it.

    If the carrot doesn’t work, the stick comes out: According to several Iranian computer engineers who spoke on condition of anonymity, when Iran’s security services catch a private hacker, they force them to work for the state to avoid time in prison.

    Despite the escalation of hostilities, the attacks have so far fallen short of open war, Hultquist said.

    “It’s similar to terrorism in the sense that it creates a perception of danger or uncertainty based on limited and rare behavior,” he said.

    However, Behravesh, the former Iranian intelligence analyst, said he believes the intensification of the attacks heralds a greater conflict, especially given the bleak prospects for reviving the nuclear deal between Iran and Western and other world powers.

    “This change in the pattern of attacking Israeli civilian targets means it is a pre-attack stage, giving them a last chance before resorting to a full-scale military operation against Iran’s nuclear facilities,” he said. “I think we are in a time when time is running out and the world and the Middle East are irreversible.”
