{"id":10047,"date":"2015-12-18T16:00:50","date_gmt":"2015-12-18T22:00:50","guid":{"rendered":"http:\/\/hcstx.org\/?p=10047"},"modified":"2015-12-18T16:00:50","modified_gmt":"2015-12-18T22:00:50","slug":"iran-a-rising-cyber-power","status":"publish","type":"post","link":"https:\/\/thetacticalhermit.com\/index.php\/2015\/12\/18\/iran-a-rising-cyber-power\/","title":{"rendered":"Iran: A Rising Cyber-Power?"},"content":{"rendered":"<div class=\"field field-name-body field-type-text-with-summary field-label-hidden clearfix\">\n<div class=\"field-items\">\n<div class=\"field-item even first last\">\n<p style=\"text-align:center;\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter size-full wp-image-10048\" src=\"https:\/\/hcsblogdotorg.files.wordpress.com\/2015\/12\/iranian-cyber-threat1.jpg\" alt=\"iranian-cyber-threat1\" width=\"600\" height=\"218\" \/><\/p>\n<p style=\"text-align:center;\"><em><strong>&#8220;A Brown Water Navy&#8221;<\/strong><\/em><\/p>\n<p>Through a series of attacks over the last three years, Iran has revealed a limited offensive cyber capability but a willingness to use it to meet its geopolitical goals.<\/p>\n<p>In <a href=\"http:\/\/www.armed-services.senate.gov\/imo\/media\/doc\/15-18%20-%202-26-15.pdf\" target=\"_blank\" rel=\"noopener\">testimony<\/a> calling out Iran for attacks on <a href=\"http:\/\/www.bloomberg.com\/bw\/articles\/2014-12-11\/iranian-hackers-hit-sheldon-adelsons-sands-casino-in-las-vegas#p5\" target=\"_blank\" rel=\"noopener\">Sands Casinos<\/a>, Director of National Intelligence James Clapper put Iranian cyber capability in the same category as North Korea, noting that these countries had \u201clesser technical capabilities.\u201d China and Russia, on the other hand, have \u201cvery sophisticated programs.\u201d<\/p>\n<p>The wiper virus attack against Sands along with similar attacks against Saudi Aramco and RasGas, and distributed denial of service (DDoS) attacks against U.S. financial institutions, used <a href=\"http:\/\/arstechnica.com\/security\/2014\/12\/iranian-hackers-used-visual-basic-malware-to-wipe-vegas-casinos-network\/\" target=\"_blank\" rel=\"noopener\">open-source and widely available hacking tools<\/a>.<\/p>\n<p>The attacks on the Sands Casinos began with a brute-force attack to guess login credentials at a far-flung outpost of the Sands gaming empire. When security personnel noticed the attack and added additional layers of security, they found a vulnerable web-server, gained access to it, and then used an open source tool to gather credentials. They then used these credentials to access Sands main corporate network, where they planted the wiper that wreaked havoc across the corporate network.<\/p>\n<p>That wiper virus, written in Visual Basic and 150 lines of code in all, <a href=\"http:\/\/arstechnica.com\/security\/2014\/12\/sony-pictures-malware-tied-to-seoul-shamoon-cyber-attacks\/\" target=\"_blank\" rel=\"noopener\">showed similarities to the Shamoon virus that took out 30 thousand computers at Saudi Aramco<\/a>. But it also showed similarities to the malware used against Sony Pictures and in an attack against South Korea. While these similarities might point to a single source \u2013 maybe an \u201cAxis of Evil\u201d joint cyber lab \u2013 most experts judge that the similarities are due to the lack of sophistication \u2013 nothing more than copy and paste exercises carried out by different groups with a similar (and basic) skill set.<\/p>\n<p>Technical sophistication, however, is only one measure of Iran\u2019s cyber program. While Iran possesses the cyber equivalent of a \u201cbrown water\u201d navy \u2013 it can\u2019t compete on the high seas, but it\u2019s small and limited capabilities can pack a punch \u2013\u00a0 in cyberspace, where geography isn\u2019t a limiting factor, Iran can deliver whatever capability it has to a target anywhere on the globe.<\/p>\n<p>Iran has used its limited capabilities as a tool for what the intelligence community has labeled \u201casymmetric but proportional retaliation\u201d in response to the activities of foreign adversaries.<\/p>\n<p>Most analysts believe the attacks attributed to Iran are not being carried out by elements of the Iranian government but by affiliated hacking groups that operate at the behest of the Iranian government. Yet, the hackers seem to operate under a sophisticated understanding of where U.S. redlines may be. The Shamoon virus was used to target U.S. allies in the Persian Gulf (thought by many to be a response to alleged U.S. involvement in Stuxnet). When targeting the U.S. financial sector, Iranian actors didn\u2019t deploy their worst weapon. Instead, they launched a series of DDoS attacks that amounted to a nuisance, albeit a costly one, rather than attempting to disrupt operations of any U.S. banks.<\/p>\n<p>For all their sophistication, the DDoS attacks were clearly meant to make the U.S. government take notice without provoking a response. In retaliating against the CEO of Sands Casinos, Sheldon Adelson, for his comments calling for a nuclear demonstration against Iran, the Iranian actors seem to have intuited that his casinos didn\u2019t represent the kind of critical infrastructure target that might cause the U.S. to escalate.<\/p>\n<p>While Iran will likely not gain the ability to use cyber attacks to alter U.S. strategy or deter action in the Middle East, it\u2019s proven adept at using its limited capabilities to signal displeasure and threaten further action.<\/p>\n<p>Read the Original Article at<strong> <a href=\"https:\/\/www.thecipherbrief.com\/article\/brown-water-navy\">The Cipher Brief<\/a><\/strong><\/p>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"field field-name-field-add-this field-type-addthis field-label-hidden clearfix\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;A Brown Water Navy&#8221; Through a series of attacks over the last three years, Iran has revealed a limited offensive cyber capability but a willingness to use it to meet its geopolitical goals. In testimony calling out Iran for attacks on Sands Casinos, Director of National Intelligence James Clapper put Iranian cyber capability in the&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_newsletter_tier_id":0,"jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[2805,2122,74,883,1814,65,1898],"tags":[3340,1285,3341,3342,3343,3344,3345],"jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/posts\/10047"}],"collection":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/comments?post=10047"}],"version-history":[{"count":0,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/posts\/10047\/revisions"}],"wp:attachment":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/media?parent=10047"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/categories?post=10047"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/tags?post=10047"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}