30 April 2012

Pierluigi Paganini: Fear Iran and escalation of cyber attacks


 

 - OPEN SOURCE
IranianCyberWar/LinkedIN; US/1; ATTN: IS/[redacted], HD/23; HST/2; Mil.COM/2; US/17     Member CONTRIBUTION

by paganinip on April 30th, 2012

Last week I reported the virus attack to the Iranian oil industry, a cyber attack that seems has caused few damages but that raised again the theme of cyber warfare. Oil industry is the primary economic business of Iranian Government and an attack to the sector appears to the experts as a cyber war acts. In the past Iran was already victim of cyber attack to its nuclear plants, we all remember the case of the Stuxnet Virus, for this reason the Iranian intelligence is convinced that also this time the nation is facing with a new cyber attack. Iran has in great consideration the theme of cyber warfare and it government is making big investments to strengthen the technological structure of the country and to promote effective cyber strategy.

Immediate reaction to the incident, on Saturday Iranian oil ministry’s cyber team has identified the targets of the attack and also the responsibles. Despite the Iranian officials haven’t revealed the identity of the responsibles they have provided more information regarding the attack and the real damages, they have in fact confirmed a virus has hit the structures of Kharg Island plant destroing minor data and some user’s hard disks. For all the data infected the experts have a copy of backup that has been restored without problems.

“The nature of the attack and the identity of the attackers have been discovered, but we cannot publicize it since we are still working on the case,”

Deputy Oil Minister Hamdollah Mohammadnejad told FNA.

“the attack was carried out by virus penetration and was aimed at stealing and destroying data and information.”

The spokesman’s words are eloquent, the attack hasn’t had the sole intent to destroy data, but it is part of a complex strategy that aims to infiltrate the Iranian networks gathering sensible information.

“those who design and develop such viruses are pursuing specific goals”.

Obviously there is the announcement in tones of propaganda immediate resumption of operations at the site attacked, senior Iranian oil ministry officials announced earlier this week said their computer systems resumed normal operation on Wednesday.

Iranian Oil Ministry’s Spokesman Alireza Nikzad-Rahbar declared that main services of the ministry’s computer systems, including the Administrative Automation System were up again on Tuesday evening, and that all the Iranian government experts have adopted all precautions to minimize the impact of a cyber attack ensuring the business continuity.

Iranian government is aware of the destructive capabilities of cyber weapons and the importance of appropriate cyber strategy, rather it is believed that in this area, the Western enemy may be more vulnerable. On March 2012 the leader of the Islamic Revolution Ayatollah Seyyed Ali Khamenei has tasked Iranian President Mahmoud Ahmadinejad with the duty of establishing a Supreme Council of Cyberspace which is charged with protecting the Iranian cyberspace

The registered attack is not the only one against Iranian infrastructures, Iranian Sharg newspaperhas reported that hackers have attacked the computers of Iran’s ministry of science, of course also this time there aren’t damage. Iranian expert also in this occasion have noted that the hackers haven’t the only purpose to destroy data but they were more interested to steal information.

An analysis of activities in cyber space clear the escalation of cyber conflict in the Middle East with Israel as the main protagonists, and the emerging Iran and Lebanon. The detailed Middle East Cyber War Timeline is available on the web site of the collegue Paolo Passeri, following a brief list of the events.

The intensification of the attacks provides an indicator of the level of tension in the area, and portends a military intervention to date avoided only by the veto of countries like China and Russia backing the government in Tehran. The intense activity also impacts on the policies of leading western nations, U.S. in the lead. 

The Iran issue is beginning to worry the American government, and not only, that through a media campaign is trying to rally support for military intervention in the area. Attempts of diplomacy did not match the expected results allowing the government in Tehran to organize an alarming strategy. Recall that world experts believe that Iran can have its own nuclear arsenal within two years, this time the West will have to decide how to act and precede.

Very significant is the report “The Iranian Cyber Threat to the U.S. Homeland” Statement before the U.S. House of Representatives Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies and Subcommittee on Counterterrorism and Intelligence. In the document are analyzed the growing Iranian capabilities, the country expanding exploitation of cyberspace can be attributed to two principal geopolitical drivers:
  1. The first are the Iranian regime’s efforts to counter Western influence and prevent the emergence of a “soft revolution” within its borders. That digital barrier has grown exponentially over the past three years, as Iran’s leadership has sought to domestic dissent and curtail the ability of its opponents to organize.
  2. The second geopolitical driver of Iran’s interest in cyberspace relates to the expanding conflict with the West over its nuclear ambitions.
The report clarify the position of Teheran that is considering itself engaged in a cyber war with West, due this reason the Iranian regime is mobilizing in response launching an ambitious $1 billion governmental program to boost national cyber capabilities, acquiring new technologies, investing in cyber defense, and creating of a new army of cyber experts.

Where does the United States stand with regard to a response? The Obama administration has made cybersecurity a major area of policy focus since taking office in 2009, and the past year in particular has seen a dramatic expansion of governmental awareness of cyberspace as a new domain of conflict.

The U.S. government, in other words, has not yet even begun to get ready for cyberwar with Iran, and according the report it’s time to start it. The risk of attacks against infrastuctures located in US homeland is high and it will increase in coming months due a range of scenarios, from a renewed diplomatic impasse to a further strengthening of economic sanctions to the use of military force against Iranian nuclear facilities.

Never let the guard down!

Pierluigi Paganini

[Information contained in BKNT E-mail is considered Attorney-Client and Attorney Work Product privileged, copyrighted and confidential. Views that may be expressed are those of the author(s) and do not necessarily reflect those of any government, agency, or news organization.]

No comments:

CyBER-BlackSEC Debate

BlackNIGHT Target Practice

SEAL Team SIX - Iron Will from CBS News

The Devil's Advocate?

In 1991, [the late former Secretary of State Lawrence 'Just call me George'] Eagleburger explained to The Post why all of his sons were named Lawrence.

“First of all, it was ego,” he said. “And secondly, I wanted to screw up the Social Security system.”