Following US President Donald Trump’s announcement of the decision to pull out of the Iranian nuclear deal on Tuesday, concerns have been raised about the possibility of cyberattacks being carried out by elements operating within Iran.
If the worst fears come true, this could have significant cyber security ramifications for businesses and governments almost anywhere in the world. According to reports, Iran’s cyber-espionage program has become fairly sophisticated in recent years.
“Iranian actors remain among the most aggressive we track, carrying out destructive and disruptive attacks in addition to stealthier acts of cyber espionage,” says John Hultquist, Director of Intelligence Analysis at FireEye.
Hultquist says prior to the nuclear agreement, Iranian actors carried out several attacks against the West. “There were also clear signs these actors were probing Western critical infrastructure in multiple industries for future attack,” he said.
Iran may have fewer qualms about wielding its cyber capabilities without the nuclear deal in place, Obama's cyber chief says https://t.co/wXn1VIfBVy— Derek J. Hawkins (@D_Hawk) May 9, 2018
According to Hultquist, these efforts did not entirely disappear with the agreement, but they did refocus on Iran’s neighbors in the Middle East. “With the dissolution of the agreement, we anticipate that Iranian cyberattacks will once again threaten Western critical infrastructure,” says Hultquist.
An Axios report says that it doesn’t take much sophistication to launch many types of destructive attacks and this could also be a response Iran pursued five years ago in the wake of the Stuxnet attack on its nuclear program.
The report cites Andrea Limbago, of the security firm Endgame, as saying that regardless of the news, “there already was cause for increased vigilance and defense preparations against Iranian malicious digital activity.”
The threat intelligence firm Recorded Future believes that Iran could rush to orchestrate a response to the US move, making the nation's response more chaotic, said the Axios report.
Another report in Washington Post said that withdrawing from the pact and reinstating sanctions could lead Tehran-backed hackers to retaliate against the West after several years of relative quiet.
Michael Daniel, who was President Barack Obama’s White House cybersecurity coordinator, said Iran may have fewer qualms about using its cyber capabilities without the diplomatic agreement in place.
“Now that the level of enmity between the United States and Iran is going to only increase, that does free them to carry out cyber operations against the United States,” Daniel was quoted as saying by the newspaper.
According to Daniel , Trump’s announcement raised the specter of a return to operations such as the DDoS attacks, which are designed to disrupt systems by overloading them with illegitimate digital traffic.