First Shots Of A New Cyber War

Iran and Saudi Arabia are throwing punches in a virtual war.

After a cyber-attack on an Iranian official website, allegedly launched by a Saudi hacking team, Iranian cyber activists hacked a couple of Saudi websites in response. The move was followed by counter-attacks, which is now raising the question whether the two countries are involved in an outright cyber-war.

According to a report by Al Monitor, numerous Iranian media outlets announced on May 25 that the website of The Statistical Centre of Iran was hacked and temporarily put out of use.

Later on, the portals of Iranian Organization for Registration of Deeds & Properties, the Post Company, and Ahvaz University of Shahid Chamran were also reportedly hacked by unknown groups of hackers. The hackers’ signatures on these websites were “Mafia Hacking Team” and “Da3s Hacker”, TechRasa reported.

News agencies wrote that the hackers were “outside of Iran” but little else was known about them. On May 28, Mizan quoted Iranian Communications Minister Mahmoud Vaezi as saying that the IP of hackers who infiltrated Iran’s government websites was in Europe.

However, many websites speculated that either ISIS or Saudi Arabia had conducted the attack. The low-level attack was followed by two attacks, on Saudi Arabian statistical websites and the portal of King Abdulaziz University on May 26. Tasnim quoted a statement by the Iranian hackers as published on the hacked websites, “Iranian Hackers were here. Hacked by Shahin Sh. Iran Security Team.”

In an article headlined “The Announcement of a Cyber-War by Saudi Arabia against Iran?” Tabnak wrote, “While many websites assumed this website was hacked by [ISIS] … it appears it was a Saudi hacker group.”

Al Monitor quoted Tabnak as rejecting the idea of ISIS involvement because the hackers referred to themselves as “Da3s,” as in “Daesh,” an acronym the terrorist group does not use for itself. A Twitter account associated with Da3s hackers followed a few well-known Saudi accounts, and Tabnak concluded that a Saudi group had conducted the attack with government backing.

The DA3S, which has officially claimed responsibility for the cyber-attacks, wrote on the main page of the hacked websites that it is not linked with the ISIS terrorists group, aka Daesh, and is only “one Sunni Muslim”, Trend quoted Iranian media as saying.

As DA3S sounds like Daesh, it could be mixed up with the Arabic name of the ISIS terrorist group. In any case, the screenshots provided of the hacked website appear to show that the hackers either wanted Iran to know that they were Saudi or that they intended to make it appear that they were.

An article in Iran newspaper, perhaps in an attempt to downplay the speculation and tensions, reported that a source in the Statistical Centre of Iran denied that its website was hacked at all. The official called the problems with the site “a natural issue with no relation to [ISIS] or other individuals.” The official added, “We should not open this small issue wide enough to create rumors across the country.” The official also urged Iranians to not fan the flames of conjecture.

Iran’s Supreme Council of Cyberspace also announced that there was no threat to citizens’ information on the government website. The Council announced that the hackers used fake names for propaganda. The Secretary of the Council stated that these hacks were no surprise, happening everywhere around the world, as even the SWIFT network was attacked recently.

“As the result of the recent hacking of government websites, we can assure you that there are no problems whatsoever regarding citizens’ information,” stated Abolhassan Firouzabadi, Secretary of the Supreme Council of Cyberspace.

Tasnim reported on May 26 that two Saudi statistical websites had been hacked just one day after Iran’s statistics centre was hacked. According to the article, no one had taken responsibility for the hacking, but some social media users speculated that the attacks on the Saudi statistical websites were in revenge for the hacking of Iranian statistical websites.

In a special May 25 report headlined “Saudi Arabia’s Cyber-War against Iran, What Is Iran’s Cyber Army’s Response?” Tasnim wrote that the hacker group Da3s also put an image of former Iraqi President Saddam Hussein on Iran’s statistical website, concluding that the hackers therefore were likely linked to Ba’athists or Takfiri extremist groups.

Tasnim reported that General Gholam-Reza Jalali, who heads Iran’s Civil Defence Organization [a military unit in charge of combating sabotage], had warned that Saudi Arabia intended to conduct cyber-attacks against Iran, though few paid attention to his warnings. Jalali said cyber-attacks would be the prime threat to Iran’s security this year.

Tasnim wrote that the attack on Iran’s statistical centre could be considered the “first bullet in the beginning of a cyber-war.” 

Iran has previously been the victim of cyber-attacks. The United States was behind an attack on Iran’s nuclear facility in Natanz, using a computer worm called Stuxnet, unique in its ability to cause damage.

Iran to Hold Cyber War Games

Speaking to Tasnim, Brigadier General Jalali pointed to cyber threats against Iran, saying that many hostile countries have established cyber armies, and the Islamic Republic is one of their possible targets.

“Holding specialized cyber war games is one of the priorities (of the Civil Defence Organization) this year,” the official said, adding that the exercises are aimed at monitoring and eliminating any problems and weaknesses in the country’s cyber defence network.

The remarks came after reports recently that the Statistics Centre of Iran had been subjected to a cyber-attack by online “hackers”

While some news reports say members of Daesh (ISIL or ISIS) were behind the cyber-attack, others say that a group supported by the Saudi government carried out the attack. Brigadier General Jalali had previously warned that Saudi Arabia was planning a large-scale cyber-attack against Iran.

Ein News:  and  Ein News 2

« Open Source Data Reveals Police Blunders
The CIA Is Driving Cyber Intelligence In Australia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MixMode

MixMode

MixMode's PacketSled platform delivers network monitoring, deep forensic analysis and incident response.

MailXaminer

MailXaminer

MailXaminer is an advance and powerful email investigation platform that scans digital data, performs analysis, reports on findings and preserves them in a court validated format.

HelseCERT

HelseCERT

HelseCERT is the health and care sector's national information security center for Norway.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

SHe CISO Exec

SHe CISO Exec

SHe CISO Exec is a sustainable global training and mentoring platform in information security and leadership.

Guidehouse

Guidehouse

Guidehouse is a leading global provider of consulting services to the public and commercial markets with broad capabilities in management, technology, and risk consulting.

Predatech

Predatech

A cyber security consultancy offering a range of services, including CREST accredited penetration testing, vulnerability assessments and certifications incl. Cyber Essentials & Cyber Essentials Plus.

Centraleyes

Centraleyes

Centraleyes (formerly CyGov) is a cutting-edge integrated cyber risk management platform that gives organizations unparalleled understanding of their cyber risk and compliance.

Noblis

Noblis

Noblis is a dynamic science, technology, and strategy organization dedicated to creating forward-thinking technical and advisory solutions in the public interest.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

BluescreenIT (BIT)

BluescreenIT (BIT)

BluescreenIT is an IT Security Consultancy and IT and Cyber Security Training company supporting industry, local authorities, MoD and governmental IT departments.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.

SITS Group

SITS Group

SITS Group excel in delivering a comprehensive range of Cyber Security consulting and managed services, from cloud transformation to risk management.