Experts warn that Iran could answer US sanctions with cyber attacks

The US is bracing for cyberattacks Tehran could launch in retaliation for sanctions President Donald Trump has slapped back on Iran, cybersecurity and intelligence experts warn (Iranian Presidency Office via AP)
Updated 09 August 2018
0

Experts warn that Iran could answer US sanctions with cyber attacks

  • The US is bracing for cyberattacks Iran could launch in retaliation for the re-imposition of sanctions
  • Concern over that cyber threat has been rising since May, when Trump pulled out of the 2015 nuclear deal

WASHINGTON: The US is bracing for cyberattacks Iran could launch in retaliation for the re-imposition of sanctions this week by President Donald Trump, cybersecurity and intelligence experts say.
Concern over that cyber threat has been rising since May, when Trump pulled out of the 2015 nuclear deal, under which the US and other world powers eased economic sanctions in exchange for curbs on Iran’s nuclear program. The experts say the threat would intensify following Washington’s move Tuesday to re-impose economic restrictions on Tehran.
“While we have no specific threats, we have seen an increase in chatter related to Iranian threat activity over the past several weeks,” said Priscilla Moriuchi, director of strategic threat development at Recorded Future, a global real-time cyber threat intelligence company. The Massachusetts-based company predicted back in May that the US withdrawal from the nuclear agreement would provoke a cyber response from the Iranian government within two to four months.
US intelligence agencies have singled out Iran as one of the main foreign cyber threats facing America, along with Russia, China and North Korea. A wave of attacks that US authorities blamed on Iran between 2012 and 2014 targeted banks and caused tens of millions of dollars in damage. They also targeted but failed to penetrate critical infrastructure.
Iran denies using its cyber capabilities for offensive purposes, and accuses the US of targeting Iran. Several years ago, the top-secret Stuxnet computer virus destroyed centrifuges involved in Iran’s contested nuclear program. Stuxnet, which is widely believed to be an American and Israeli creation, caused thousands of centrifuges at Iran’s Natanz nuclear facility to spin themselves to destruction at the height of the West’s fears over Iran’s program.
“The United States has been the most aggressive country in the world in offensive cyber activity and publicly boasted about attacking targets across the world,” said Alireza Miryousefi, spokesman for Iran’s diplomatic mission at the United Nations, contending that Iran’s cyber capabilities are “exclusively for defensive purposes.”
Gen. Qassem Soleimani, who heads the elite Quds Force of Iran’s hard-line paramilitary Revolutionary Guard, has sounded more ominous, warning late last month about Iran’s capabilities in “asymmetric war,” a veiled reference to nontraditional warfare that could include cyberattacks.
The Trump administration says it re-imposed sanctions on Iran to prevent its aggression — denying it the funds it needs to finance terrorism, its missile program and forces in conflicts in Yemen and Syria.
The sanctions restarted Tuesday target US dollar financial transactions, Iran’s automotive sector and the purchase of commercial planes and metals, including gold. Even stronger sanctions targeting Iran’s oil sector and central bank are to be re-imposed in early November. European leaders have expressed deep regret about the US actions. They hit Iran at a time when its unemployment is rising, the country’s currency has collapsed and demonstrators are taking to the streets to protest social issues and labor unrest.
Norm Roule, former Iran manager for the office of the Director of National Intelligence, said he thinks Tehran will muster its cyber forces in response.
“I think there is a good chance Iran will use cyber, probably not an attack that is so destructive that it would fragment its remaining relationship with Europe, but I just don’t think the Iranians will think there is much cost to doing this,” Roule said. “And it’s a good way to show their capacity to inflict economic cost against the United States.”
“Iran’s cyber activities against the world have been the most consequential, costly and aggressive in the history of the Internet, more so than Russia. ... The Iranians are destructive cyber operators,” Roule said, adding that Iranian hackers have, at times, impersonated Israeli and Western cybersecurity firm websites to harvest log-in information.
The office of Director of National Intelligence Dan Coats declined to comment Tuesday on the likelihood that Iran will answer the sanctions with cyber operations against the US When the US pulled out of the nuclear deal, the FBI issued a warning saying that hackers in Iran “could potentially use a range of computer network operations — from scanning networks for potential vulnerabilities to data-deletion attacks — against US-based networks in response to the US government’s withdrawal” from the nuclear pact.
Accenture Security, a global consulting, managing and technology company, also warned Tuesday that the new sanctions would “likely to push that country to intensify state-sponsored cyber threat activities,” particularly if Iran fails to keep its European counterparts committed to the nuclear pact.
Josh Ray, the firm’s managing director for cyber defense, said it hasn’t seen any evidence that Iran has launched any new cyber operations, but he said Iran has the capability to do it and has historically operated in a retaliatory manner.
“This still remains a highly capable, espionage-related type threat,” Ray said. “Organizations need to take this threat seriously. They need to understand how their business could potentially be impacted.”
Recorded Future’s Moriuchi anticipated that businesses most at risk were those victimized in Iranian cyberattacks between 2012 and 2014 — they include banks and financial services, government departments, critical infrastructure providers, and oil and energy.
Those cyberattacks cost nearly 50 financial institutions tens of millions of dollars. The repeated attacks disabled bank websites and kept hundreds of thousands of customers from accessing their online accounts. US prosecutors indicted several Iranians, alleging they worked at the behest of the Iranian government.
One defendant allegedly targeted the computer systems of the Bowman Dam in Rye, New York. No access was gained, but prosecutors said the breach underscored the potential vulnerabilities of the nation’s critical infrastructure.
In March, the Justice Department also announced charges against nine Iranians accused of working at the behest of the Islamic Revolutionary Guard Corps to steal large quantities of academic data from hundreds of universities in the United States and abroad as well as email accounts belonging to employees of government agencies and private companies.


Jordan’s PM appeals for more aid as most Syrian refugees set to stay

Updated 29 min 11 sec ago
0

Jordan’s PM appeals for more aid as most Syrian refugees set to stay

  • Jordan PM says most refugees not returning yet
  • Amman says funding crucial to keep economy afloat

AMMAN: Jordan’s Prime Minister Omar Al-Razzaz appealed on Wednesday to major donors to continue multi-billion dollar funding for Syrian refugees in the kingdom, saying most of those who had fled the eight-year conflict had no intention of returning any time soon.
Razzaz told representatives of major Western donors, UN agencies and NGOs that relatively few refugees had gone back since Syrian President Bashar al Assad’s army last summer regained control of southern Syria, where most had fled from.
“The number of refugees that so far returned voluntarily is low and most have no intention of going back any time soon,” Razzaz told a meeting to launch a UN-funded government plan that earmarks $2.4 billion in funding needs for 2019.
Officials say only around 10,000 refugees out of a total estimated at 1.3 million had left since the two countries opened the vital Nassib-Jaber border crossing last October.
Razzaz echoed the UN view that unstable conditions inside Syria, where large-scale destruction, fear of retribution and military conscription has made many reluctant to return.
“We are now entering a new phase of the Syrian crisis, however the impact is still ongoing. The conditions for their return are not present,” Razzaz added.
The prime minister warned against donor fatigue in a protracted crisis where the needs of refugees and vulnerable Jordanians were largely unchanged.
Maintaining funding that covers education, health and crucial services for tens of thousands of Syrian refugees and local communities was crucial to ease rising pressures on the debt-burdened economy, he added.
“Aid helped Jordan in staying resilient in a difficult regional setting,” Razzaz said, adding the refugee burden had strained meagre resources such as water and electricity, with a donor shortfall covered from state finances.
Jordan is struggling to rein in record public debt of $40 billion, equivalent to 95 percent of gross domestic product, under a tough International Monetary Fund (IMF) austerity plan.
Major donors say more than $6 billion had been extended to Jordan since 2015, which economists credit for rejuvenating once sleepy northern border towns, while refugee entrepreneurship brought a pool of cheap labor and new skills, triggering a property boom and higher productivity.
The kingdom received around $1.6 billion last year alone.
“The level of funding to Jordan that still remains is exceptional in global comparison,” said UN Resident and Humanitarian Coordinator Anders Pedersen, adding needs had evolved from the humanitarian aid required early in the conflict to development projects that benefit the economy.