
Iran's cyberattack against the United States: what could be the consequences?

The assassination of General Qasem Soleimani at the hands of the US military, because according to President Donald Trump “he planned to blow up the US embassy in Iraq”, has made the whole world think that Iran is preparing a series of cyberattacks against the United States as part of its revenge. Even the US ambassador to the United Nations, Kelly Craft, justified the assassination before the United Nations Security Council as an act of “legitimate defense.”

Although Iran is not considered one of the largest cyber threats in the world (its program lags behind those of Russia and China), the concern is not insignificant either, because its cyberattacks have so far been characterized by unpredictability, and the United States government does not know how its capabilities have improved in recent years.

What could be the consequences of this cyber war threat from Iran against the US? We spoke with cybersecurity expert Deepak Daswani (La Amenaza Hacker, 2018) to analyze the situation and weigh its possible consequences.


Is Iran Really a Cybersecurity Danger?

“In the wake of the latest news and the US assassination of General Soleimani, there is much speculation that Iran will use cyberspace as a battlefield to launch its response. In this sense, Iran could pose a danger to cybersecurity, but like the rest of the states with offensive capabilities in this area, which as we know there are many. Over the last few years we have learned details about numerous attacks that are launched from nations on other countries, as well as on specific estates, companies or even dissident individuals from any regime. These are usually sophisticated attacks, requiring planning, resources and a deployment of capabilities. Attacks that are launched on specific sectors and objectives directed depending on their motivation, but obviously not on the whole world. Unlike the massive attack campaigns launched by cybercriminals to obtain maximum profitability with the minimum investment, the attacks that come from states always have very specific and targeted objectives.”


Some voices on the Internet seem to assume that what happened means that it is almost imminent that there will be a Third World War that, unlike the previous ones, would be cybernetic. What do you think?

“That this is nothing new for those of us who know this world. For many years now, there have been numerous incidents of war between countries. One of the most talked about for years in the media, security conferences, series and even movies was precisely between the United States and Iran. We are talking, how could it be otherwise, about Stuxnet, the first attack on an Iranian nuclear power plant back in 2009, which came from the US and Israel. In fact, this attack and others that followed led to the appearance of an acronym widely used since then and in recent years in the cybersecurity sector: APT (Advanced Persistent Threat), to precisely define the targeted attacks that we referred to on specific objectives, which have a very high level of sophistication and planning, and behind which in many cases there are governments.”

Regarding the allusion to a Third World War, the expert comments: “As we have seen throughout history, there have already been some incidents of cyberwar between countries. In addition to Stuxnet, we could comment on the Aurora operation, the incidents between Estonia and Russia, China and the United States… Actually, this scenario that constitutes cyberspace is a different context that has little to do with the physical world, where obviously when there is an attack by the army of a country, the whole world notices. In this sense, the attacks that take place on the network cannot be seen so easily. In many cases they are very complex and sophisticated attacks, which are perpetrated globally and in which the most difficult thing in itself is to be able to attribute the authorship of the attack to an army or a nation. In most cases, after investigating, it is possible to speculate who was behind an attack, but ultimately it is impossible to guarantee 100% the veracity of this assumption, so obviously those responsible for the different countries generally do not recognize or assume their possible responsibility or involvement in an attack. This is what makes cyberspace a very attractive framework for launching these attacks. On the other hand, it will always be less expensive to launch exploits through the network than to mobilize an army to a country.”

“What is a reality is that for a few years now there have been operations that take place in virtual space, and that as we have previously stated, in practice it is very difficult to attribute the authorship of the attacks with certainty. On the other hand, something that also happens today is that on many occasions, in traditional warlike conflicts, attacks in the physical world are preceded by attacks in cyberspace, which seek to attack the infrastructures that support the defenses of the nation or country to attack. We could see an example of this a few years ago in the conflict in Libya, where the US raised the possibility of launching cyberattacks to temporarily cut off the military communications of the defense of Libya, so that they could not send missiles to the planes of NATO.”


It’s been a few days and there doesn’t seem to have been a meaningful response. Be that as it may, what would be the most genuine concerns and consequences of such an attack? Could it affect us?


“An attack of these characteristics involves planning, resources and the deployment of capabilities. In addition, these are attacks that generally consist of several stages and that go through different phases. On the other hand, the fact that a generalized alert is created worldwide in order to detect an offensive of these characteristics also means that the attacker must maximize precaution in order not to be detected. In principle, as we could guess, the target of a response by Iran would be the US, for obvious reasons, so it is its critical infrastructures and its organizations that could be among the main targets. But anything can happen. Let us remember that beyond these incidents of cyber attacks between countries, we have seen cases of very high-profile incidents in recent years in which organizations and infrastructures from different countries have been compromised. Like the famous WannaCry, the most mediatic cyberattack in history, or the NotPetya that occurred just a month later. It would also be possible for other actors outside the conflict, such as other states or cybercriminal organizations, to take advantage of the moment to launch a campaign of attacks, trying to target Iran as the responsible country to generate confusion and avoid detection. The good or bad thing about attacks in cyberspace is that it is difficult to ultimately attribute the real authorship of an attack, although in many cases with the passage of time it can be targeted with almost total certainty.”


What preventive measures would you advise users or companies?

“Well, maximize caution by following the safety guidelines that are always pointed out. But in particular, be extremely cautious when opening emails, clicking links or opening attachments even in those emails that appear to come from known and trusted senders. In this type of targeted attack, the level of sophistication is such that the environment of the targets is known and very credible decoys can be used to spoof the identity of trusted contacts through phishing attacks directed to steal credentials and have a first point of access to the attacked organization. On the other hand, it is essential to always keep systems up to date to prevent them from being compromised by known vulnerabilities. This must be a maxim. It is true that in the face of a zero-day vulnerability (not known even by the manufacturer) no one can protect themselves and that sophisticated attacks such as the ones we discussed could use this type of cyberweapons, but we return to the fact that in practice, it makes sense that these would be used on concrete targets and would not be “wasted” to launch a massive attack. In any case, even being aware that today it is not possible to pretend to avoid being compromised at some point, it is possible to mitigate the impact that a possible cyberattack may have. And for this, these measures and many others must be applied, such as even training the organization’s staff on cybersecurity awareness. The latter is essential to prevent workers from falling prey to cybercriminals. On the other hand, it is imperative that organizations that have not developed an incident response plan make its development a priority objective. We must assume that at some point we may be victims of a cyber attack, and that it is essential to be able to be prepared for something to happen and to know how to react.”


The computer attacks we suffered in 2019

The National Cryptological Center (CCN) detected 36 critical cyberattacks on computer systems in our country during 2019. These were the most prominent incidents:

FaceApp case: Its privacy policy turned out to be somewhat opaque and outdated, since the Russian company established that users granted absolutely all rights regarding the results obtained from the use of the application to the company and affiliated companies of the same group.

Data leak in the online sale of tickets to the Alhambra: in May 2019, the private data (emails, phone numbers, names, surnames…) of 4.5 million users of this service were hacked and ended up in the hands of cybercriminals, swelling the black market for buying stolen data.

Ryuk cyber kidnapping: Europe suffered a cyberattack based on ransomware, specifically on Ryuk, a type of malware specialized in attacking business environments. This malware “hijacks” user data when infected and requests a financial ransom to free or unlock the computer. In 2018 the protagonist was the WannaCry virus and in 2019 it was Ryuk, which caused drops in services and web pages.
