Potential Retaliation of Iran on the US via Cyber Warfare

Jan 9, 2020


A message from Accellis Technology Group Director of Cybersecurity, Tom Fazio:

In our ongoing effort to educate and inform our clients about security-related threats, we would like to make our clients aware of the potential retaliation of Iran on the US via cyber warfare. Iran possesses strong cyber capabilities, as history has shown. In the past decade, Iranian hackers have targeted major banks such as JPMorgan Chase, Bank of America, and Wells Fargo with attacks intended to make it difficult for Americans to sign in to their bank accounts and access their money. These types of attacks make it difficult to prove culpability, but the attacks were traced to Iranian-owned companies that worked for their government.

Our cyber team works closely with InfraGard, a partnership between the FBI and members of the private sector, to receive timely information on conceivable threats to infrastructure. InfraGard has already sent out an advisory to heighten our collective awareness even though no specific threats to the private sector by Iran have been publicly made. Many feel a cyber attack is the most compelling retaliation for Iranians due to the deniability and their investment in militarizing cyberspace. Even though specific industries may be a target, there could be collateral damage in the form of ransomware, DoS (Denial of Service), or other destructive attacks. Other bad actors could potentially reengineer payloads used by Iranians for new campaigns.

We take the security of our clients very seriously and have great pride in our ability to work with our clients to develop a cyber risk strategy. By leveraging our professional skills and tools, we can develop a sensible, layered approach to protect your data from various known and unknown threats. In this era where cyber warfare is a plausible threat, it’s essential to be vigilant and have a comprehensive written information security program.

Here are some actions we recommend:

Adopt a state of heightened awareness.

Heightened awareness includes making sure employees are aware of the increased probability of a cyber-attack and know not to click on unknown or suspicious links. Make sure emergency call trees are up to date and your internal communication strategy is well known.

Increase organizational vigilance

Ensure personnel know how to identify abnormal behavior, specifically phishing and spear phishing techniques. Your employee security training program should address user behavior, but ultimately you should also have backup protection systems in place, including a vulnerability management program and a modern email protection system that uses machine learning.

Confirm your reporting processes

Ensure personnel know how and when to report an incident and that your company incident response plan is up to date. The well-being of an organization’s workforce and cyberinfrastructure depends on the awareness of threat activity. Consider using a SOC (Security Operations Center) service to monitor your network for malicious activity so that it can be reported and ultimately dealt with promptly.

We will continue to monitor this situation closely and keep you updated. Please contact us with ANY questions you may have.

Thank you,
Tom Fazio
Director of Cybersecurity
216.662.3200 ext 130