How is Iran really responding to Soleimani’s death? Find out what’s happening behind the scenes with state-sponsored cyberattacks and how it affects all of us.
The US government Cyber Infrastructure Agency (CISA) warns Americans of the potential for “Cyber response to U.S. military strike in Baghdad”.
A short time has passed since the killing of Iran’s Soleimani in a drone strike. But immediately after the assassination, state-sponsored cyberattacks originating from Iran were on the rise. Over 35 attacks took place, targeting both the US and its allies.
Lance Stone with On Time Tech in San Francisco shares that, while this is not new, countries like Iran continue to look for new and better ways to make war in 2020. They can take battles into the digital space, where the size of a country, who its allies are, and what resources it has at its disposal matter less than how prepared they are for a virtual attack on critical infrastructure like:
- Government services
- Healthcare
- Utilities
- Communications
- Finance
- Transportation
While you may not be in any of these industries, an attack on industries like these would impact all Americans and beyond.
What Are State-Sponsored Cyberattacks?
State-sponsored cyberattacks are funded and organized by a government. These governments can put their best people and ample resources into developing these skills. These aren’t run-of-the-mill hobby hackers.
This funding supports education and research that continually improve these virtual strategies.
Many countries are known to have a program as well as a counter-program to prevent other countries from deploying similar strategies against them:
- North Korea
- Russia
- China
- Iran
- US
You can think of this as an arms race with each group trying to outdo the other. But like all arms races, real civilians do get hurt.
How Do State-Sponsored Cyberattacks Affect Ordinary People?
The ultimate goal of these attacks is to take down critical infrastructure. They want to harm governments, which includes the people.
Nothing is off-limits. In the days after the drone attack, a library website in the US was targeted by Iran’s hackers. The hackers, demonstrating their ability to disrupt, published content threatening US democracy on the library’s website. This may seem harmless. But often, these types of attacks are testing the waters.
Hackers in these programs often use common yet effective strategies to gain access to data, websites, and the emails of important people. These include scams like:
DoS (Denial of Service)
Phishing
You get a spoofed email that looks like it’s from a legitimate company with which you do business. They tell you that your service will be canceled if you don’t log in now (through an email link) to update your account.
In an alternate version, they tell you that there’s suspicious activity on your account so that you’ll log in through the email.
Social Engineering
This is convincing people to do things by exploiting behavior that comes naturally to them. For example, doing what the boss says, even if it sounds a little odd, is typical in many companies.
Ransomware is also not out of the question, as this would lock down files that agencies, organizations and businesses need to work.
How to Protect Yourself and Company
CISA recommends the following in addition to your standard security:
- Enhanced monitoring
- Use of email security tools
- Install patches and updates quickly
- Limit employee access using tiers and segmentation to limit exposure
- Keep your data backed up behind a firewall