CybersecurityIran may resume cyberattacks on U.S. if nuclear deal is not reached
A failure for the United States to reach a nuclear deal with Iran could result in more cyberattacks against U.S. companies, House Intelligence Committeechairman Mike Rogers (R-Michigan) said. Cyberattacks by Tehran declined dramatically after the United States, other permanent members of the Security Council, and Germany agreed to an interim nuclear deal with Iran in 2013, but should the parties fail to reach a permanent nuclear deal by the newly set March 2015 and July 2015 deadlines, financial firms, oil and gas companies, and water filtration systems could be targets of malware from Iran’s cyber army.
A failure for the United States to reach a nuclear deal with Iran could result in more cyberattacks against U.S. companies, House Intelligence Committee chairman Mike Rogers (R-Michigan) recently told theHill.
Cyberattacks by Tehran declined dramatically after the United States, other permanent members of the Security Council, and Germany agreed to an interim nuclear deal with Iran in 2013, but should the parties fail to reach a permanent nuclear deal by the newly set March 2015 and July 2015 deadlines, financial firms, oil and gas companies, and water filtration systems could be targets of malware from Iran’s cyber army.
“As soon (as) they believe it’s to their advantage to begin again in more aggressive cyber activity toward the United States, they’re going to do it,” said Rogers. “It would be logical to conclude that if the talks fail completely, they’ll re-engage at the same level,” he added.
Cybersecurity analysts consider Iran to be one of the most focused countries when it comes to using cyber capabilities to attack its adversaries. Iran is considered a close fourth behind the United States, Russia, and China in terms of its ability to launch cyberattacks. “But they make up for it in their apparent willingness to go on the offensive,” said Kristen Eichensehr, an international security professor at the University of California-Los Angeles, School of Law and former State Department attorney.
Iran stepped up its cyberattacks against the U.S. financial sector in 2012, but those attacks were easy to detect and relatively harmless. Over the last two years, the country has advanced its cyber capabilities and formed a Supreme Council of Cyberspace which includes President Hassan Rouhani. The country has also strengthened its cybersecurity research partnerships with Russia. Recently, Iranian engineers reverse-engineered a U.S. drone Iran captured after the drone crashed within Iranian borders. U.S. officials said last week that the quality of the Iranian drone might be equal to that of the American version. “It shows how bolstered their program really is,” said David Kennedy, CEO of information security company TrustedSec, which monitors cyberattacks. “That’s heavily sophisticated equipment.”
None of the cyberattacks attributed to Iran have caused damage to U.S. critical infrastructure, but with improved hacking technology such as stealth malware that could infiltrate major companies without detection, Iran could embed malware in U.S. networks, which could be used for future attacks. “Once you’re in the system, it’s just a few keystrokes for you to delete those files,” said Dmitri Alperovitch, co-founder of cybersecurity firm CrowdStrike, which monitors critical infrastructure attacks.