Overt military hostilities between Iran and the United States appear to have subsided after the Trump Administration’s killing of Gen. Qasem Soleimani brought tensions to a near boil. While the probability of a hot war has thankfully diminished, the likelihood of increased cyberthreats from Iran has never been higher or carried the potential for such considerable economic damage.
In a recent survey of leading cybersecurity experts (in both government and the private sector), 85 percent of respondents expect serious cyberattacks to come from Iran in the next few months.
When we hear these warnings, we naturally assume that the attacks will target federal infrastructure like dams, water plants and the energy grid. However, experts warn that the targets are broader, Iran’s capabilities are greater and the potential damage could ripple across all sectors of the economy. Local governments, small and medium businesses and government contractors are all being warned to stay on high alert.
Iran’s Cyber Capabilities
Back in 2009 a classified U.S. intelligence assessment concluded that Iran had the motivation but not the skills or resources to conduct crippling cybersecurity attacks. Today, the expert assessment has changed. While Iran’s cyber capabilities might not match those of Russia and China, Iran is both capable and willing to inflict harm.
Iran’s increased capabilities are the result of considerable investment and practice in cyberwarfare, including shutting down U.S. banks in 2013, infiltrating a New York dam in 2013 and destroying data on thousands of computers at the Sands Casino in 2014.
As VersaTrust founder and cybersecurity expert Danny Owens explains, “Iran meets the definition of an advanced persistent threat, APT, because of its willingness and capability to inflict serious harm.” Moreover, businesses need to be especially wary and protect themselves because they are often at the bottom of the totem pole in terms of U.S. government cybersecurity assets coming to their support.
The Threat to the Private Sector
There are several ways Iranian cyberattacks pose a substantial threat to American businesses.
1. Miscalculation
This scenario is hardly something to take lightly. With so many businesses providing essential administrative and technical services to federal, state and local governments, the possibility that a hacker harms a private business’s IT infrastructure in an attempt to damage government assets is all too real.
2. Collateral Damage
Government servers store reams of data about contractors, local businesses and private citizens. This means that when a government network is infiltrated, the data belonging to businesses and individuals is also likely to quickly find its way to the Dark Web where it may be exploited unless those businesses perform routine Dark Web monitoring.
3. Asymmetric Cyberwarfare
As cybersecurity experts describe it, Iran is always looking for innovative ways to inflict harm on U.S. interests and the economy while avoiding overt destruction and casualties that would trigger a military response. Because hackers look for the most vulnerable targets, small businesses and local governments are likely victims of cyberattacks.
4. Iranian Proxies
Iran is notorious for using proxy organizations and militias to extend its influence in countries like Iran, Syria, Lebanon and elsewhere. When it comes to cyber-terrorism, Iran also engages splinter cells and non-state actors that often prefer to target businesses because:
- Many businesses don’t employ rigorous, top-shelf security suites, and
- Attacks on private businesses are less likely to trigger direct retaliation from the U.S. government.
Ways to Protect from an Iranian Cyberattack
With the heightened threat of cyberattacks from Iran adding to the usual array of cyberthreats coming out of Eastern Europe, China, and here at home, the urgency of securing your network and IT infrastructure has never been greater. Here are a few important and immediate steps you can take:
- Change your passwords to include capital letters, numbers and symbols.
- Enable two-factor authentication for accessing email and other business accounts.
- Upgrade your operating system and other applications with the latest patches.
- Review these tips from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about reporting and response to a hacking incident.
- Most importantly, update your cybersecurity plan and procedures.
We also highly recommend that you engage an expert managed security services provider (MSSP) to set up a top-shelf security suite, monitor the Dark Web, and respond to security threats 24/7/365. Here at VersaTrust we constantly monitor our clients’ security and prevent threats.
If you have concerns about your business’s preparedness against emerging cyberthreats, don’t hesitate to call us (817 595-0111) or email us today for a consultation.