Experts warn of it .. Scanners, phishing and ransomware are Iran's electronic weapons against America

Iran's promise of revenge for the recent US military killing, Iran's top commander, Qasim Soleimani, has raised concerns about the form of this revenge, with many worried that it will lead to all-out war.

Several experts in the United States have begun preparing for a different type of attack by Iran, which they say is more than likely a fight on the ground, an electronic attack on private companies or government systems in the United States.

Over the past decade, Iran has proven itself as one of the largest cyber threats in the world, which is why any new attack would be just another battle in an ongoing "invisible war" between the United States and Iran that has been and has been happening for years.

Iranian cyber attacks are already so "very active and persistent" that cyber security expert Brian Krebs told America's Recod website that "it is difficult to think of what might constitute an escalation of this activity."

The US Department of Homeland Security is also aware of the potential cyber threat. Two days after Soleimani's death, the National Security Advisory System of the Ministry of National Security issued a circular in which he mentioned Iran's previous "cyber attacks" from its "strong electronic program."

"Iran is able, at least, to carry out attacks with temporary disruptive effects against critical infrastructure in the United States," the leaflet said.

Michael Daniel, president and CEO of the Internet Threats Alliance, and the National Security Council's cyber security coordinator during the administration of former US President Barack Obama, said it was too early to determine what the Iranian cyber attack plans were, but the United States should be prepared for this possibility.

"They have used (cyber attacks) before, and they have continued to develop their capabilities on the Internet during the past few years ... Based on past experience with Iran, this will be a logical pathway for their work," said Daniel.

How did Iran become a threat via the Internet?
If Iran's previous actions are any indication, a new cyber attack on the United States could use malware (programs designed to damage computer systems, such as computer viruses) or denial of service attacks (DoS) (when hackers flood web services with many requests so that Become unable to work).

Ironically, a cyber attack from the United States almost 10 years ago led to Iran intensifying its capabilities in electronic warfare. In June 2010, a computer virus called Stuxnet, which was dubbed "malicious" or "unique malware," was discovered and targeted computers running Iran's nuclear program, and it was reported that it destroyed five centrifuges.

While the Stuxnet attacks are widely believed to be a joint effort between the United States and Israel (with some help from the Dutch), no government has officially recognized this. Iran has responded by taking advantage of cyber espionage capabilities, refining and improving its skills over the past decade, and attacking both America and its allies.

In America, Iranian cyber attacks have largely targeted the private sector. In 2014, the systems of the Sands Hotel and Casino were hacked, data was stolen and destroyed, which cost the casino at least $ 40 million. Between 2011 and 2013, seven Iranians working for the Iranian government were charged with attacking the Department of Defense and 46 companies, most of them financial institutions, according to a 2016 US Department of Justice indictment.

The most famous and suspected fingerprint of the cyber attack was the state-owned Saudi oil company Aramco. In 2012, a virus called Chamon destroyed more than 30,000 computers for Aramco. (Chamon was software type "scanners", a malicious program that specifically wipes data from devices and networks that permanently infect it.)

Saudi Aramco was forced to stop working for several months in order to rebuild its IT infrastructure, which ultimately cost one of the world's most valuable companies hundreds of millions of dollars.

Experts told Ricod.com that modified versions of Chamon appeared in 2016 and 2018, indicating that Iran might use this tool to respond to the United States if it launches a cyber attack.

"I anticipate such devastating attacks as the Chamon attack on Saudi Aramco," said Chris Wisobal, co-founder and chief technology officer for Cybersecurity Software Veracode. He added that local governments and hospitals are potential "easy targets" for such attacks.

Is America ready for electronic war with Iran?
The response of cyber security expert Bruce Schneier was concise and concise, "no."

Security experts have warned for years that Iran will intensify its cyberattacks against America repeatedly and severely, especially since the election of President Donald Trump, who is a very strong opponent of the Iranian regime, and has withdrawn the United States from its nuclear agreement with Iran.

Last October, Microsoft reported that a group of hackers associated with Iran had attempted to access email accounts linked to political journalists and an unspecified presidential campaign.

In the same month, Facebook revealed that Iranian groups had created fake accounts to spread propaganda, which Iran had done several times in the past.

"In light of this latest development, American companies should strengthen their electronic defenses against spear phishing, distributed denial-of-service (DDoS) attacks, ransom attacks, and the most common use of Iranians by attacks," Suncool CEO Bill Bill Conner told Ricode. Scanners. "

Spear phishing attacks are malicious e-mail or e-mail messages that target an individual, organization, or commercial activity, and often aim to steal data, and possibly install malicious software on the target computer or computers.

As for ransom attacks, the hacker through malicious software encrypts the computer data or target computers and does not decrypt them until after the owner of the device meets the hacker's request, usually by paying a certain amount of digital currencies.

"These types of attacks that are used maliciously and designed to inhale human vulnerabilities or network vulnerabilities can ultimately overcome the country's most powerful defenses and security controls, which could represent a historic electronic attack," Conner added.

America has launched several of its own cyberattacks on Iran, as reported last June, September and December. In defense, officials and government agencies have called on Americans to take security precautions.

Last June, the US Department of Homeland Security's Cyber ​​Security and Infrastructure Security Agency warned that there was "a rise in harmful cyber activity directed toward US industries and government agencies by representatives of the Iranian regime and its agents."

Worryingly, the Trump administration abolished the position of the National Security Council's cyber security coordinator in 2018. The position created by the Obama administration was responsible for coordinating cyber security efforts across government agencies.

The position of the State Department's coordinator for cyber security issues has been empty since 2017. The US Government Accountability Office is now recommending that the government take “urgent action” against cyber threats, considering it a “high-risk problem”.

Until now, the only possible Iranian cyber attack on the United States was a rapid hacking of the Federal Reserve Library program website last Saturday, an unknown agency distributing government publications to libraries across the country, as hackers replacing the site's home page with a picture of Trump receiving a punch in Al-Wajh, along with a letter linking the cause of the breach to Soleimani’s killing with a promise of more.