Since 2012 Iran has shown increasingly sophisticated capabilities to conduct cyber attacks, including the incredibly destructive attacks against Saudi Aramco, attacks against US banks and infrastructure, attacks against the power grid in Turkey, and attacks against the UK Parliament.
Iran has also invested in and used capabilities in disinformation and misinformation, including mounting campaigns that have spoofed members of congress. They have created social media accounts that impersonate US citizens and major media outlets and all indications are that they are continuing to leverage techniques like this to spread misinformation.
It is logical to assume given the tensions between the US and Iran today that cyber attacks and misinformation efforts will escalate.
The DHS’s Cybersecurity and Infrastructure Security Agency (CISA) just issued a warning saying as much. The warning reads in part:
“CISA is aware of a recent rise in malicious cyber activity directed at the United States industries and government agencies by Iranian regime actors and proxies. We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe.”
“Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”
This is an important warning. It calls for action. If you are an executive that runs a line of business it is time to confirm for yourself if measures have been put in place to ensure your business can continue to operate when under cyber attack.
We should also point out that Iran has a developing capability to attack military systems with cyber attack. They also have an ability to degrade space-based capabilities. At this time we do not assess they have an ability to launch anti-satellite missiles, but they are likely close to developing these. They do have an ability to launch jamming attacks against space systems and to conduct cyber attacks against ground control stations.
Some recommendations for additional reading for OODA members:
- The Iran Threat Brief: Insights for the executive decision-maker
- Best Practices for Agile Cybersecurity
- What Business Needs To Know About Security in Space
- Traveling Executive’s Guide to Cybersecurity
Additionally, this is a good time to check to ensure you are on distribution for the OODA Daily Pulse.
