If you think that the US government called off the new war with Iran, you are mistaken. President Trump cancelled the air strikes due to the potential loss of civilian lives, but cyber war options were in play, and is being aggressively waged by both sides.
President Trump called for a cyber attack against Iranian missile control systems on June 20th. These attacks were devastatingly effective.
In response, the Iranian Cyber Army has launched a spearphishing attack against targeted personnel in the on U.S. government and military, and critical infrastructure industries including the energy sector. Phishing email appearing to come from the White House’s Executive Office of the President.
Iran has demonstrated its abilities to wage war in the Shamoon attack against Saudi Arabia and Aramco. The tool they used allowed them to wipe the data off of hard drives and physically destroyed more than 35,000 computers. More recently, Iran successfully implemented Operation Cleaver, that successfully penetrated targeted networks worldwide. Currently, Iran has been using credential stuffing attacks, password spraying, and spear-phishing campaigns.
US-Cert has issued a warning about the current Iranian activity, and urges businesses to be aware of the threat, and to take actions to protect themselves from attack. Employees need to be warned to avoid anything unusual or suspicious in their email inboxes. Extra vigilance during this period is warranted. There will be more information in this blog as it becomes available.
More information:
- KnowB4
- US-CERT
- WyzGuys – Inside Iran’s Operation Cleaver
While the US Cyber Command has been focusing on the Chinese, North Koreans, and the Russians, and their respective intrusions into the networks of US companies, energy utilities, our military, and government agencies, Iran has been creating a world-class cyber-ops unit of their own.
JUN
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com