Escalating Cyberwar between Iran and US

Uploaded on 2015-03-03 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-Iran, INTELLIGENCE--USA, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

A newly disclosed National Security Agency document illustrates the striking acceleration of the use of Cyber weapons by the United States and Iran against each other, both for spying and sabotage.
The release comes even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate in the talks over Iran’s disputed nuclear program.

The document, which was written in April 2013 for Gen. Keith B. Alexander, then director of the NSA, described how Iranian officials had discovered new evidence the year before that the United States was preparing computer surveillance or cyberattacks on their networks.
It detailed how the US and Britain had worked together to contain the damage from “Iran’s discovery of computer network exploitation tools” - the building blocks of cyber weapons.
That was more than two years after the Stuxnet worm attack by the US and Israel severely damaged the computer networks at Tehran’s nuclear enrichment plant.
The document, which was first reported by The Intercept, an online publication that grew out of the disclosures by Edward J. Snowden, the former NSA contractor, did not describe the targets.
But for the first time, the surveillance agency acknowledged that its attacks on Iran’s nuclear infrastructure, a George W. Bush administration program, kicked off the cycle of retaliation and escalation that has come to mark the computer competition between the United States and Iran.
The document suggested that even while the high-stakes nuclear negotiations played out in Europe, day-to-day hostilities between the United States and Iran had moved decisively into cyberspace.
A former senior intelligence official who looked at the two-page document said it provided “more evidence of how far behind we are in figuring out how to deter attacks, and how to retaliate when we figured out who was behind them.”
The document declares that American intercepts of voice or computer communications showed that three waves of attacks against US banks that began in August 2012 were launched by Iran “in retaliation to Western activities against Iran’s nuclear sector,” and added that “senior officials in the Iranian government are aware of these attacks.”
The main targets were the websites of Bank of America and JPMorgan Chase. By 2015 standards, those were relatively unsophisticated “denial of service” strikes that flooded the banks with data, so overloading them it was impossible for a time for customers to access their accounts.
More recently, the Obama administration, in an effort to deter attacks, has grown less reticent about naming countries that the administration believes are responsible for such attacks. In May, five members of the Chinese People’s Liberation Army were indicted on a charge of stealing intellectual property from American companies.
And in December, President Barack Obama said he had evidence that North Korea’s leadership was behind an attack on Sony Pictures Entertainment, though he did not provide details. The New York Times later reported that the NSA had gathered the evidence from implants it had placed in North Korean computers beginning in 2010.
http://cyberwar.einnews.com/article/251329595/ArYatoR41ThPBh5J

« FBI Close to Finding Anthem Health Hackers
The Spy Cables: A Glimpse into Espionage »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Security Brokers

Security Brokers

Security Brokers focus services and solutions with a focus on strategic ICT Security and Cyber Defense issues.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

Protiviti

Protiviti

Protiviti consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

Fair Isaac Corporation (FICO)

Fair Isaac Corporation (FICO)

FICO provides analytics software and tools used across multiple industries to manage risk, fight fraud, optimize operations and meet strict government regulations.

Sera-Brynn

Sera-Brynn

Sera-Brynn is one of the highest-ranked, pure-play cybersecurity compliance and advisory firms in the world.

RHEA Group

RHEA Group

RHEA Group offers aerospace and security engineering services and solutions, system development, and technologies including cyber security.

At-Bay

At-Bay

At-Bay is the world’s first InsurSec provider designed from the ground up to help businesses tackle cyber risk head on.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

OpenAVN (DefenseArk)

OpenAVN (DefenseArk)

Defending your life online, keeping your data safe and private. We detect digital threats magnitudes faster than the leading antivirus software.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

Bluefin Payment Systems

Bluefin Payment Systems

Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data.

Ebryx

Ebryx

At Ebryx, we are at the forefront of cybersecurity innovation, leveraging over a decade of expertise to protect and empower organizations worldwide.

When Group

When Group

World Health Energy Holdings, Inc. (d/b/a WHEN Group) is a High Tech Holding Company that specializes in the Cyber, Security and Telecom area.

SUCCESS Computer Consulting

SUCCESS Computer Consulting

SUCCESS Computer Consulting is a leader in managed IT and security services for small and medium-sized businesses in Minneapolis, St. Paul, and the surrounding Twin Cities Metro area.