Connect with us

News

US sanctions on Iranian hackers highlight growing concern about the Islamic Republic’s cyberwarriors

Published

on

A feature of the simmering tensions between the US, Israel and Iran has been not just the tit-for-tat missile and drone strikes and assassinations, but accusations of cyberwarfare waged by Iran. (Pixabay photo)

A feature of the simmering tensions between the US, Israel and Iran has been not just the tit-for-tat missile and drone strikes and assassinations, but accusations of cyberwarfare waged by Iran.

On April 23, the US Treasury announced it was sanctioning two Iranian companies and four Iranian individuals for conducting malicious cyberattacks against more than a dozen US companies and government organisations. The Treasury alleged that these organisations and individuals had conducted spear phishing, malware and ransomware attacks, which it said aimed to destabilise important national infrastructure in the US.

This followed an announcement in February that it was sanctioning a group of Iranian hackers linked to the country’s military for what it described as “unconscionable and dangerous” attacks on water and wastewater systems in the US.

Identifying the people behind these attacks can often be challenging. But the US is claiming the hacks are perpetrated by “front companies” and hackers operating for Iran’s Islamic Revolutionary Guard Corps Cyber Electronic Command (IRG-CEC).

The main sanctioned company, Mehrsam Andisheh Saz Nik (MASN) is identified as regularly launching what is known in the cyber world as advanced persistent threat (APT) attacks.

APTs are long-term attacks on high-value targets such as large companies and government organisations.

MASN was linked in 2019 by cybersecurity giant Symantec (now Gen Digital Inc) with a group it called Tortoiseshell. Symantec said Tortoiseshell had been active in the Middle East since at least July 2018. It was linked with cyberattacks against Saudi Arabian IT providers and Israeli shipping, logistics and financial services companies.

Much less is known about the actions of the second sanctioned company, Dadeh Afzar Arman. But from information available online, it claims to be a software and web development company based in Tehran.

Alongside the sanctions, the US government is offering a reward of US$10 million (£8 million) and a “plane ticket to somewhere new” for anyone having more information about the hackers in question.

The recent announcement follows a wider pattern of the US naming and shaming cybercrime groups it has identified and linked to rogue activity.

By publicly naming these groups, in this instance, the US says it wants to inform the Iranian public that the IRG-CEC is using these companies for launching illegal cyber-attacks against international targets. But efforts by the US government to deter state-backed hackers working for governments including Iran, China and Russia have yet to bear fruit.

To date, no such suspects have ever been apprehended to stand trial in the US.

War in all but name

Washington and Tehran have been at loggerheads since the 1979 revolution. The US imposed sanctions against the Islamic Republic when militant students overran the US embassy in the Iranian capital in November 1979 sparking the 400-day hostage crisis.

They have endured since with various levels of intensity. This, despite efforts by the Obama administration to move towards normalisation, with the signing in 2015 of an agreement under which Iran agreed to limit its nuclear programme in return for an easing of sanctions.

Donald Trump pulled the US out of the agreement in 2018.

The first major act of cyberwar between the two countries was, in fact, the Stuxnet “worm”, a joint venture between the US and Israel. Stuxnet drove a wrecking ball through Iran’s nuclear facilities in 2010. The virus manipulated control systems and caused centrifuges to overheat. This caused serious damage and set Iran’s nuclear programme back by years.

This incident marked the beginning of an on-again, off-again conflict between the two countries. In 2016, the US Justice Department indicted seven Iranian computer specialists. It accused the group of hacking into dozens of American banks as well as trying to take over the controls of a small dam in a suburb of New York.

This was the first time the US had publicly accused the Iranian Revolutionary Guard Corps (IRGC) of involvement in cyber-attacks. But it is thought Iran had been targeting the US financial systems with what the FBI called a “systematic campaign of distributed denial of service (DDoS) attacks” since 2011.

After the US assassinated top Iranian general, Qasem Soleimani, in 2020, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency published an official guidance, warning US companies to prepare for a possible wave of cyber-attacks from Iran.

At the time the threat was talked down. One expert wrote in the New York Times that: “Tehran is a capable and prolific actor in the realm of cyberwarfare, but it has no proven ability to create large-scale physical damage through cyberoperations.”

Growing threat

However, in recent years Iran seems to have further developed its cyber capabilities. In 2023, the Office of the Director of National Intelligence’s annual threat assessment declared that: “Iran’s growing expertise and willingness to conduct aggressive cyber operations make it a major threat to the security of US and allied networks and data.”

Meanwhile, the National Cyber Power Index ranked Iran as tenth among the 30 countries it investigated in 2022 (up from 23rd in 2020). Additionally, in a peer-reviewed article published recently that offers a new global metric for cybercriminality, Iran is ranked 11th in relation to the impact, professionalism and technical skills of cybercriminals operating in the country.

In the increasingly murky margins of a world where cybercriminals and governments can overlap, Iran’s increasing sophistication in this field cannot be ignored.The Conversation

Vasileios Karagiannopoulos, Associate Professor in Cybercrime and Cybersecurity and Co-Director of the Centre for Cybercrime and Economic Crime, University of Portsmouth and Iain Reid, Course Leader, MSc Cybercrime, University of Portsmouth

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Maria in Vancouver

Lifestyle3 weeks ago

Nobody Wants This…IRL (In Real Life)

Just like everyone else who’s binged on Netflix series, “Nobody Wants This” — a romcom about a newly single rabbi...

Lifestyle4 weeks ago

Family Estrangement: Why It’s Okay

Family estrangement is the absence of a previously long-standing relationship between family members via emotional or physical distancing to the...

Lifestyle2 months ago

Becoming Your Best Version

By Matter Laurel-Zalko As a woman, I’m constantly evolving. I’m constantly changing towards my better version each year. Actually, I’m...

Lifestyle3 months ago

The True Power of Manifestation

I truly believe in the power of our imagination and that what we believe in our lives is an actual...

Maria in Vancouver4 months ago

DECORATE YOUR HOME 101

By Matte Laurel-Zalko Our home interiors are an insight into our brains and our hearts. It is our own collaboration...

Maria in Vancouver4 months ago

Guide to Planning a Wedding in 2 Months

By Matte Laurel-Zalko Are you recently engaged and find yourself in a bit of a pickle because you and your...

Maria in Vancouver4 months ago

Staying Cool and Stylish this Summer

By Matte Laurel-Zalko I couldn’t agree more when the great late Ella Fitzgerald sang “Summertime and the livin’ is easy.”...

Maria in Vancouver5 months ago

Ageing Gratefully and Joyfully

My 56th trip around the sun is just around the corner! Whew. Wow. Admittedly, I used to be afraid of...

Maria in Vancouver6 months ago

My Love Affair With Pearls

On March 18, 2023, my article, The Power of Pearls was published. In that article, I wrote about the history...

Maria in Vancouver6 months ago

7 Creative Ways to Propose!

Sometime in April 2022, my significant other gave me a heads up: he will be proposing to me on May...