First Shots Of A New Cyber War

Iran and Saudi Arabia are throwing punches in a virtual war.

After a cyber-attack on an Iranian official website, allegedly launched by a Saudi hacking team, Iranian cyber activists hacked a couple of Saudi websites in response. The move was followed by counter-attacks, which is now raising the question whether the two countries are involved in an outright cyber-war.

According to a report by Al Monitor, numerous Iranian media outlets announced on May 25 that the website of The Statistical Centre of Iran was hacked and temporarily put out of use.

Later on, the portals of Iranian Organization for Registration of Deeds & Properties, the Post Company, and Ahvaz University of Shahid Chamran were also reportedly hacked by unknown groups of hackers. The hackers’ signatures on these websites were “Mafia Hacking Team” and “Da3s Hacker”, TechRasa reported.

News agencies wrote that the hackers were “outside of Iran” but little else was known about them. On May 28, Mizan quoted Iranian Communications Minister Mahmoud Vaezi as saying that the IP of hackers who infiltrated Iran’s government websites was in Europe.

However, many websites speculated that either ISIS or Saudi Arabia had conducted the attack. The low-level attack was followed by two attacks, on Saudi Arabian statistical websites and the portal of King Abdulaziz University on May 26. Tasnim quoted a statement by the Iranian hackers as published on the hacked websites, “Iranian Hackers were here. Hacked by Shahin Sh. Iran Security Team.”

In an article headlined “The Announcement of a Cyber-War by Saudi Arabia against Iran?” Tabnak wrote, “While many websites assumed this website was hacked by [ISIS] … it appears it was a Saudi hacker group.”

Al Monitor quoted Tabnak as rejecting the idea of ISIS involvement because the hackers referred to themselves as “Da3s,” as in “Daesh,” an acronym the terrorist group does not use for itself. A Twitter account associated with Da3s hackers followed a few well-known Saudi accounts, and Tabnak concluded that a Saudi group had conducted the attack with government backing.

The DA3S, which has officially claimed responsibility for the cyber-attacks, wrote on the main page of the hacked websites that it is not linked with the ISIS terrorists group, aka Daesh, and is only “one Sunni Muslim”, Trend quoted Iranian media as saying.

As DA3S sounds like Daesh, it could be mixed up with the Arabic name of the ISIS terrorist group. In any case, the screenshots provided of the hacked website appear to show that the hackers either wanted Iran to know that they were Saudi or that they intended to make it appear that they were.

An article in Iran newspaper, perhaps in an attempt to downplay the speculation and tensions, reported that a source in the Statistical Centre of Iran denied that its website was hacked at all. The official called the problems with the site “a natural issue with no relation to [ISIS] or other individuals.” The official added, “We should not open this small issue wide enough to create rumors across the country.” The official also urged Iranians to not fan the flames of conjecture.

Iran’s Supreme Council of Cyberspace also announced that there was no threat to citizens’ information on the government website. The Council announced that the hackers used fake names for propaganda. The Secretary of the Council stated that these hacks were no surprise, happening everywhere around the world, as even the SWIFT network was attacked recently.

“As the result of the recent hacking of government websites, we can assure you that there are no problems whatsoever regarding citizens’ information,” stated Abolhassan Firouzabadi, Secretary of the Supreme Council of Cyberspace.

Tasnim reported on May 26 that two Saudi statistical websites had been hacked just one day after Iran’s statistics centre was hacked. According to the article, no one had taken responsibility for the hacking, but some social media users speculated that the attacks on the Saudi statistical websites were in revenge for the hacking of Iranian statistical websites.

In a special May 25 report headlined “Saudi Arabia’s Cyber-War against Iran, What Is Iran’s Cyber Army’s Response?” Tasnim wrote that the hacker group Da3s also put an image of former Iraqi President Saddam Hussein on Iran’s statistical website, concluding that the hackers therefore were likely linked to Ba’athists or Takfiri extremist groups.

Tasnim reported that General Gholam-Reza Jalali, who heads Iran’s Civil Defence Organization [a military unit in charge of combating sabotage], had warned that Saudi Arabia intended to conduct cyber-attacks against Iran, though few paid attention to his warnings. Jalali said cyber-attacks would be the prime threat to Iran’s security this year.

Tasnim wrote that the attack on Iran’s statistical centre could be considered the “first bullet in the beginning of a cyber-war.” 

Iran has previously been the victim of cyber-attacks. The United States was behind an attack on Iran’s nuclear facility in Natanz, using a computer worm called Stuxnet, unique in its ability to cause damage.

Iran to Hold Cyber War Games

Speaking to Tasnim, Brigadier General Jalali pointed to cyber threats against Iran, saying that many hostile countries have established cyber armies, and the Islamic Republic is one of their possible targets.

“Holding specialized cyber war games is one of the priorities (of the Civil Defence Organization) this year,” the official said, adding that the exercises are aimed at monitoring and eliminating any problems and weaknesses in the country’s cyber defence network.

The remarks came after reports recently that the Statistics Centre of Iran had been subjected to a cyber-attack by online “hackers”

While some news reports say members of Daesh (ISIL or ISIS) were behind the cyber-attack, others say that a group supported by the Saudi government carried out the attack. Brigadier General Jalali had previously warned that Saudi Arabia was planning a large-scale cyber-attack against Iran.

Ein News:  and  Ein News 2

« Open Source Data Reveals Police Blunders
The CIA Is Driving Cyber Intelligence In Australia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

UL

UL

UL is a safety, security and compliance consulting and certification company. Areas covered include cyber security.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Kratikal

Kratikal

Kratikal provides a complete suite of manual and automated security testing services.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

Get Indemnity

Get Indemnity

Get Indemnity are specialist insurance brokers with experience working on a wide range of innovative business insurance products that combine risk management, indemnity and incident response services.

Nokia

Nokia

Nokia is a proven leader in fixed, mobile and IoT security offering capabilities that range from systems design to integration and support.

SOFTwarfare

SOFTwarfare

SOFTwarfare deliver high-quality, reliable and secure enterprise application integrations through RESTful APIs for Cyber, Ops & Dev.

OffSec

OffSec

OffSec have defined the standard of excellence in penetration testing training. Elite security instructors teach our intense training scenarios and exceptional course material.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

Curity

Curity

The Curity Identity Server brings identity and API security together, enabling highly scalable and secure user access to digital services.

Neosec

Neosec

We’re reinventing API security. Understanding behavior requires data, analytics, and intelligence. Neosec brings XDR techniques to application security.

D2 Network Associates (D2NA)

D2 Network Associates (D2NA)

D2NA help businesses deliver and achieve their goals, through innovative IT solutions, robust cyber security services and proactive IT managed services.

Hackuity

Hackuity

Hackuity is a breakthrough technology solution that rethinks the way of managing IT vulnerabilities in enterprises.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.