The U.S. and Iran have been warming sharply since U.S. forces last week became \"decapitated\" Iranian general Qassem Soleimani in Iraq. On sunday, january 5th a group of hackers claiming to work for iran's government captured the u.s. government's website, and a cyberwar between the two countries was on the verge.
The hack was targeted by the U.S. Federal Depository Library Program, which hackers described as retaliation for the U.S. Army drone strike against Suleimani on Jan.
\"This is information from the Islamic Republic of Iran,\" the hackers wrote on the website.\" We will not stop supporting friends in these areas, including the oppressed people in Palestine, Yemen, Bahrain, the people in Syria and Iraq and their governments, and the true jihadist resistance in Lebanon and Palestine.\"
\"The website of the Federal Library Project (FDLP) was destroyed by pro-Iranian anti-American forces,\" CNN said, citing Sara Sendek, a spokesman for the Department of Homeland Security's Cyber Security and Infrastructure Security Agency (CISA). But for the time being, it is impossible to prove that this was done by a government-funded Iranian hacker. The site is now offline and temporarily inaccessible.\"
Cyber attacks are not new to the United States, Iran, or even other Middle Eastern countries. cyber security company VectraAI Inc. Chris Morales, director of security analysis at Chris Morales, said the country had been gradually building its cyber-attack capability since the 2010 attack on the Iranian nuclear centrifuge by the Stuxnet virus. People in the industry generally believe that the Stuxnet virus was developed by the United States and Israel to undermine Iran's nuclear program.
\"Cyber attacks have been going on and have been instigated by both sides,\" Morales said. Iran's cyber-attack capabilities are not complicated because it uses mainly malware on the black market. In contrast, malware in the United States and Israel is custom-made. I do think Iran will launch a cyber attack, but they will also consider the follow-up effect of continued U.S. deterrence, cautiously.
Indeed, the day after the U.S. military's targeted removal of Suleimani, the Department of Homeland Security has issued a warning to the U.S. public and private sector to raise its security. The Department of Homeland Security said \"Iran has the ability to carry out temporary and disruptive cyber-attacks on key U.S. infrastructure \".
\"The purpose of this is to send a signal to Americans that they can influence us,\"John Hultquist, FireEye's head of intelligence analysis, told the Financial Times. Although it may be beyond the reach of [Iran], they could wreak havoc on the IT system.
Steven Bellovin, a computer science professor at Columbia University, also told CNN that cyber-attacks are less risky than traditional wars:"First, cyber-attacks are more likely to be denied.” If a US military base is attacked by a missile or a diplomat is kidnapped, it is easy to track it down. Second, it will reduce personnel risk.
It is precisely because of the more covert and relatively low-cost nature of cyber-attacks that the United States, Israel, Iran, and Saudi Arabia have been secretly fighting through hackers for nearly a decade.
In 2012, Iranian hackers used malicious data clearing software called \"Sha Moon,\" targeting administrative calculations by Saudi Aramco, VICE reported. At the time, Iranian hackers had not invaded industrial control systems in oil-producing machinery.
But as tensions rise in the Middle East, Iranian hacking has escalated. The Wire's November 2019 report showed that APT33, a hacking group believed to be from Iran, was no longer satisfied with simply implanting malware, but instead turning its focus to key infrastructure and the physical control systems of refineries, power companies.
\"Using offensive cyber capabilities to strike opponents outside the region is likely to be the most likely action for Iran at the moment,\" Hank Thomas, chief executive of venture capital firm StrategicCyber Ventures, told\" Silicon Valley stance.\" The most dangerous action will be a combination of cyber-attacks and dynamic attacks on local and extra-regional targets.
Interestingly, Iran's cyber attacks have brought good news for cybersecurity companies. CrowdStrike Inc.(Bloomberg News) reported a general dip in the market as a result of regional tensions. and FireEye Inc. Shares of the two cybersecurity companies rose by% and% on Thursday, local time.