If you think that the US government called off the new war with Iran, you are mistaken. President Trump cancelled the air strikes due to the potential loss of civilian lives, but cyber war options were in play, and is being aggressively waged by both sides.
President Trump called for a cyber attack against Iranian missile control systems on June 20th. These attacks were devastatingly effective.
In response, the Iranian Cyber Army has launched a spearphishing attack against targeted personnel in the on U.S. government and military, and critical infrastructure industries including the energy sector. Phishing email appearing to come from the White House’s Executive Office of the President.
Iran has demonstrated its abilities to wage war in the Shamoon attack against Saudi Arabia and Aramco. The tool they used allowed them to wipe the data off of hard drives and physically destroyed more than 35,000 computers. More recently, Iran successfully implemented Operation Cleaver, that successfully penetrated targeted networks worldwide. Currently, Iran has been using credential stuffing attacks, password spraying, and spear-phishing campaigns.
US-Cert has issued a warning about the current Iranian activity, and urges businesses to be aware of the threat, and to take actions to protect themselves from attack. Employees need to be warned to avoid anything unusual or suspicious in their email inboxes. Extra vigilance during this period is warranted. There will be more information in this blog as it becomes available.
- WyzGuys – Inside Iran’s Operation Cleaver
While the US Cyber Command has been focusing on the Chinese, North Koreans, and the Russians, and their respective intrusions into the networks of US companies, energy utilities, our military, and government agencies, Iran has been creating a world-class cyber-ops unit of their own.