FBI:
Iran to Launch New Cyber Attacks
Iranian
hackers poised for wide-ranging strikes in retaliation for U.S. leaving nuclear
deal
BY:
Bill Gertz
May
24, 2018 3:30 pm
The FBI is warning that Iranian hackers could conduct
new cyber attacks on American businesses and government networks in response to
the Trump administration's withdrawal from the Iran nuclear deal.
"The FBI assesses foreign cyber actors operating
in the Islamic Republic of Iran could potentially use a range of computer
network operations—from scanning networks for potential vulnerabilities to data
deletion attacks—against U.S.-based networks in response to the U.S.
government’s withdrawal from the Joint Comprehensive Plan of Action
(JCPOA)," the FBI said in a cyber alert to U.S. businesses.
Previous Iranian cyber attacks were carried out
against targets in the United States in retaliation for "perceived slights
against the regime," the May 22 notice states.
The FBI warned that Iranian hackers may view the U.S.
withdrawal from the Iran deal as justification for stepped up cyber attacks.
The
warning noted that between December 2011 and August 2013 two organizations
linked to the Iranian government carried out large-scale distributed denial of
service, or DDOS, attacks on U.S. financial institutions' websites in
retaliation for U.S. sanctions that squeezed the Iranian economic.
Then
in 2014, Iranian hackers broke into networks of the Sands Casino in Las Vegas
and destroyed computers in retaliation for anti-Iranian government comments
made by the casino's owner Sheldon Adelson.
"From 2016 to 2017, malicious Iranian cyber
actors conducted coordinated and broadly targeted intrusion campaigns against
U.S. companies, academic institutions, and government entities," the FBI
said. "The FBI encourages U.S. companies to report suspicious network
activities to local FBI offices or FBI CyWatch."
The
FBI report included a chart listing specific methods used by Iranian hackers in
conducting cyber attacks on the computer networks of academic institutions,
commercial businesses, financial institutions, and the government.
For its cyber activities against academic
institutions, the Iranians have used spear-phishing—the use of fraudulent
emails to gain access to networks—as well as "password spray" attacks.
Both methods allow hackers to gain access to networks without triggering
alarms.
A
password spray is a method of breaking into computers using a username and the
use of a few passwords that seeks to avoid the lock out feature now used by
most login software.
The
Iranians gained confidential information and proprietary data from the schools
and universities.
In
the commercial sector, spear-phishing was the main method and "gave actors
the access to wipe hard drives," the FBI said.
During
financial sector hacks, DDOS attacks blocked customers from accessing financial
websites and disrupted businesses.
Government
cyber attacks included the use of spear-phishing and password spray hacks to
obtain confidential information.
هیچ نظری موجود نیست:
ارسال یک نظر