Escalating Cyberwar between Iran and US

A newly disclosed National Security Agency document illustrates the striking acceleration of the use of Cyber weapons by the United States and Iran against each other, both for spying and sabotage.
The release comes even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate in the talks over Iran’s disputed nuclear program.

The document, which was written in April 2013 for Gen. Keith B. Alexander, then director of the NSA, described how Iranian officials had discovered new evidence the year before that the United States was preparing computer surveillance or cyberattacks on their networks.
It detailed how the US and Britain had worked together to contain the damage from “Iran’s discovery of computer network exploitation tools” - the building blocks of cyber weapons.
That was more than two years after the Stuxnet worm attack by the US and Israel severely damaged the computer networks at Tehran’s nuclear enrichment plant.
The document, which was first reported by The Intercept, an online publication that grew out of the disclosures by Edward J. Snowden, the former NSA contractor, did not describe the targets.
But for the first time, the surveillance agency acknowledged that its attacks on Iran’s nuclear infrastructure, a George W. Bush administration program, kicked off the cycle of retaliation and escalation that has come to mark the computer competition between the United States and Iran.
The document suggested that even while the high-stakes nuclear negotiations played out in Europe, day-to-day hostilities between the United States and Iran had moved decisively into cyberspace.
A former senior intelligence official who looked at the two-page document said it provided “more evidence of how far behind we are in figuring out how to deter attacks, and how to retaliate when we figured out who was behind them.”
The document declares that American intercepts of voice or computer communications showed that three waves of attacks against US banks that began in August 2012 were launched by Iran “in retaliation to Western activities against Iran’s nuclear sector,” and added that “senior officials in the Iranian government are aware of these attacks.”
The main targets were the websites of Bank of America and JPMorgan Chase. By 2015 standards, those were relatively unsophisticated “denial of service” strikes that flooded the banks with data, so overloading them it was impossible for a time for customers to access their accounts.
More recently, the Obama administration, in an effort to deter attacks, has grown less reticent about naming countries that the administration believes are responsible for such attacks. In May, five members of the Chinese People’s Liberation Army were indicted on a charge of stealing intellectual property from American companies.
And in December, President Barack Obama said he had evidence that North Korea’s leadership was behind an attack on Sony Pictures Entertainment, though he did not provide details. The New York Times later reported that the NSA had gathered the evidence from implants it had placed in North Korean computers beginning in 2010.
http://cyberwar.einnews.com/article/251329595/ArYatoR41ThPBh5J

« FBI Close to Finding Anthem Health Hackers
The Spy Cables: A Glimpse into Espionage »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

Information Commissioner's Office (ICO)

Information Commissioner's Office (ICO)

The Information Commissioner's Office is an independent authority set up to uphold information rights in the public interest.

Firebrand

Firebrand

Firebrand is the leader in Accelerated Learning in the field of IT and project management.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

CounterCraft

CounterCraft

The CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection.

2Keys

2Keys

2Keys designs, deploys and operates Digital Identity Platforms and Cyber Security Platforms through Managed Service and Professional Service engagements.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Cloud Range

Cloud Range

Cloud Range provides cybersecurity teams with access to the world's leading cyber range platform, eliminating the need to invest in costly cyber range infrastructure.

Progress Partners

Progress Partners

Progress Partners is a corporate advisory firm that works with buyers and sellers of emerging growth companies to complete M&A or private placement transactions. Our sectors include cybersecurity.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.

InfoSight

InfoSight

InfoSight offers proven Cyber Security, Regulatory Compliance, Risk Management and Infrastructure Solutions to protect your business and your customers from cyber crime and fraud.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.