Senior officials in the U.S. government believe that Iranian hackers are responsible for a new wave of significant cyberattacks. These unprecedented cyberattacks were very destructive in nature, and crippled several Persian Gulf oil and gas companies.
Last week, CBS News reported that “U.S. officials say a cyber attack against ARAMCO, has been traced to hackers inside Iran. This attack is yet another volley in an increasingly high stakes war going on in cyberspace. Defense Secretary Panetta warns that potential enemies, including Iran, are developing the capability to launch devastating attacks.”
Back in September, hackers hit 30,000 computers at the world’s biggest oil companies. Sky News reported:
“Saudi Arabia's national oil company was hit after at least one insider with high-level access allegedly assisted hackers to wreak havoc on the company's network last month.
The attack, using a computer virus known as Shamoon against Saudi Aramco, is one of the most destructive cyber strikes conducted against a single business. Shamoon spread through the company's network and wiped computer hard drives clean."
According to the Washington Post, Defense Secretary Leon Panetta said the cyberthreat from Iran has grown, and he declared that the Pentagon is prepared to take action if America is threatened by a computer-based assault.
The Wall Street Journal gave significant front page attention to these recent cyberattacks. Here’s an excerpt:
“U.S. agencies have been assisting in the Gulf investigation and concluded that the level of resources needed to conduct the attack showed there was some degree of involvement by a nation state, said the former official. The officials spoke on condition of anonymity because the investigation is classified as secret.
‘Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for their actions that may try to harm America,’ Panetta said in a speech to the Business Executives for National Security. He later noted that Iran has ‘undertaken a concerted effort to use cyberspace to its advantage.’"
Cyberattacks Against Banks
Back in late September, Iran was also named as the source of several cyberattacks against Bank of America, JPMorgan and Citi. According to Reuters:
“The attacks, which began in late 2011 and escalated this year, have primarily been ‘denial of service’ campaigns that disrupted the banks' websites and corporate networks by overwhelming them with incoming web traffic, said the sources.
Whether the hackers have been able to inflict more serious damage on computer networks or steal critical data is not yet known. The sources said there was evidence suggesting the hackers targeted the banks in retaliation for their enforcement of Western economic sanctions against Iran.”
It should be noted that Iranian officials have denied hacking U.S. banks. Instead, Iran accused U.S. officials of “demonizing Iran in cyberspace to portray the country as a global threat to cyber security and justify the U.S. and Israeli cyber attacks on Iran."
How Effective Are These Cyberattacks?
Meanwhile, Yahoo News reported that “Iran has a growing legion of low-grade hackers that are quickly becoming a pain in the side of the Obama Administration, and financial companies….
The potential danger of Iran, or anyone causing havoc digitally is something the administration knows they have to consider, which is why the government spends $3 billion annually on digital defense.”
What is clear is that both business and government leaders around the world are very concerned about this escalation of attacks in cyberspace. Many are now thinking that we are entering a new cyber Cold War, with cyberhacking threats taking the place of 20th century nuclear weapons.
What makes this situation so much more complicated is that we have many different nation-states now entering and/or already participating in this cyber Cold War. Besides Iran and China, dozens of countries are thought to be boosting their cyberwar capabilities – whether that focuses solely on cyberdefense or includes more cyberattack capabilities remains to be seen.
What is not in doubt is that Stuxnet and Flame have recently cleared the way for a new chapter for nation-state sponsored or approved cyberattacks. Nations are scrambling to stay ahead of others and/or to gain advanced cybersecurity capabilities.
Where is this heading? Check out this video interview with Eugene Kaspersky from back in June, 2012. Kaspersky is recognized as a global expert on a variety of cybersecurity topics, and he helped launch the now famous company that bears his name. He describes “the end of the world as we know it” in this video piece with a new era of “cyberweapons, cyberwar and cyberterrorism.” Scary stuff.
Why Release This Information Now?
There is no doubt in my mind that the events of the past week have ratcheted up the pressure even further on cybersecurity, if that is possible.
So why did Defense Secretary Panetta give this speech now? Are these attacks getting worse? Given that we are in the middle of an election campaign, what is the significance of naming Iran? Yes, I think Iran is being warned, but could an executive order on cyber still be coming soon?
I suspect there still may be an executive order coming on cybersecurity, and these Iranian cyberattack realities may be named as a big part of the reason why. As I have said before, I think that the time for government action, hopefully with bipartisan legislation, is now.
I’d love to hear your thoughts.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.