Iran poses grow­ing cy­ber threat to US in­ter­ests, study says


Iran poses a grow­ing threat to Amer­ica’s com­puter net­works and has launched in­creas­ingly so­phis­ti­cated dig­i­tal at­tacks and spy­ing on U.S. tar­gets, ac­cord­ing to a new re­port re­leased Thurs­day.

Iran’s far-reach­ing hack­ing ef­forts in­di­cate the regime is search­ing for vul­ner­a­ble in­fra­struc­ture that could be hit in fu­ture cy­ber as­saults, said the study by pri­vate cy­ber se­cu­rity com­pany Norse and the Amer­i­can En­ter­prise In­sti­tute think tank.

“Iran is emerg­ing as a sig­nif­i­cant cy­ber threat to the U.S. and its al­lies,” the study said.

Iran’s skill in the cy­ber realm has markedly im­proved in re­cent years and “Iran has al­ready pen­e­trated well-de­fended net­works in the U.S. and Saudi Ara­bia and seized and de­stroyed sen­si­tive data,” it said.

The hack­ing, in­clud­ing es­pi­onage and at­tacks, has ex­panded de­spite eco­nomic sanc­tions and high-stakes ne­go­ti­a­tions be­tween Iran and world pow­ers on Tehran’s nu­clear pro­gram, it said.

The study cited data from a net­work of mil­lions of sen­sors set up by Norse. The sen­sors are de­signed to look like real web­sites or other com­puter sys­tems — for banks or power plants — that might at­tract the in­ter­est of a hacker.

The data showed Iran was stag­ing cy­ber as­saults and probes from in­side Iran as well as out­side the coun­try.

Ira­nian state com­pa­nies, in­clud­ing some with links to Iran’s elite Rev­o­lu­tion­ary Guards, are al­legedly host­ing servers and other com­puter sys­tems lo­cated in the West to carry out dig­i­tal at­tacks, ac­cord­ing to the re­port.

“Sim­ply by reg­is­ter­ing and pay­ing a fee, Ira­nian se­cu­rity ser­vices and or­di­nary cit­i­zens can gain ac­cess to ad­vanced com­puter sys­tems and soft­ware that the West has been try­ing to pre­vent them from get­ting at all,” the study said.

The re­port ar­gued that the hack­ing con­ducted out­side Iran could be coun­tered by West­ern com­pa­nies that own the sys­tems and soft­ware, deny­ing ac­cess to Ira­nian or­ga­ni­za­tions al­ready black­listed for rights vi­o­la­tions or links to mil­i­tants.

The study re­flects warn­ings from U.S. in­tel­li­gence of­fi­cials that Iran has made strides in its cy­ber ca­pa­bil­i­ties, though China and Rus­sia are con­sid­ered the most skilled when it comes to dig­i­tal war­fare.

Na­tional In­tel­li­gence Direc­tor James Clap­per in Fe­bru­ary blamed Iran for a cy­ber attack on Sands Casino in Las Ve­gas that stole con­fi­den­tial data and shut down many of the casino’s op­er­a­tions.

The as­sault came af­ter the bil­lion­aire owner of Sands, Shel­don Adel­son, said in 2013 that “Iran should be nuked.”

Un­der a frame­work nu­clear agree­ment, in­ter­na­tional eco­nomic sanc­tions would be lifted on Iran. And the re­port’s au­thors ar­gue that re­moval of sanc­tions would al­low Tehran to de­vote more re­sources to cy­ber war­fare.

“What­ever the fi­nal out­come of the nu­clear ne­go­ti­a­tions, we must ex­pect that the threat of a cy­ber attack from Iran will con­tinue to grow,” the au­thors wrote.

Cy­ber se­cu­rity firms such as Norse of­ten por­tray dig­i­tal threats as nu­mer­ous and in­creas­ing. But it was un­clear if Norse would have an in­cen­tive to link hack­ing to any spe­cific state.

Newspapers in English

Newspapers from Taiwan

© PressReader. All rights reserved.