First Shots Of A New Cyber War

Iran and Saudi Arabia are throwing punches in a virtual war.

After a cyber-attack on an Iranian official website, allegedly launched by a Saudi hacking team, Iranian cyber activists hacked a couple of Saudi websites in response. The move was followed by counter-attacks, which is now raising the question whether the two countries are involved in an outright cyber-war.

According to a report by Al Monitor, numerous Iranian media outlets announced on May 25 that the website of The Statistical Centre of Iran was hacked and temporarily put out of use.

Later on, the portals of Iranian Organization for Registration of Deeds & Properties, the Post Company, and Ahvaz University of Shahid Chamran were also reportedly hacked by unknown groups of hackers. The hackers’ signatures on these websites were “Mafia Hacking Team” and “Da3s Hacker”, TechRasa reported.

News agencies wrote that the hackers were “outside of Iran” but little else was known about them. On May 28, Mizan quoted Iranian Communications Minister Mahmoud Vaezi as saying that the IP of hackers who infiltrated Iran’s government websites was in Europe.

However, many websites speculated that either ISIS or Saudi Arabia had conducted the attack. The low-level attack was followed by two attacks, on Saudi Arabian statistical websites and the portal of King Abdulaziz University on May 26. Tasnim quoted a statement by the Iranian hackers as published on the hacked websites, “Iranian Hackers were here. Hacked by Shahin Sh. Iran Security Team.”

In an article headlined “The Announcement of a Cyber-War by Saudi Arabia against Iran?” Tabnak wrote, “While many websites assumed this website was hacked by [ISIS] … it appears it was a Saudi hacker group.”

Al Monitor quoted Tabnak as rejecting the idea of ISIS involvement because the hackers referred to themselves as “Da3s,” as in “Daesh,” an acronym the terrorist group does not use for itself. A Twitter account associated with Da3s hackers followed a few well-known Saudi accounts, and Tabnak concluded that a Saudi group had conducted the attack with government backing.

The DA3S, which has officially claimed responsibility for the cyber-attacks, wrote on the main page of the hacked websites that it is not linked with the ISIS terrorists group, aka Daesh, and is only “one Sunni Muslim”, Trend quoted Iranian media as saying.

As DA3S sounds like Daesh, it could be mixed up with the Arabic name of the ISIS terrorist group. In any case, the screenshots provided of the hacked website appear to show that the hackers either wanted Iran to know that they were Saudi or that they intended to make it appear that they were.

An article in Iran newspaper, perhaps in an attempt to downplay the speculation and tensions, reported that a source in the Statistical Centre of Iran denied that its website was hacked at all. The official called the problems with the site “a natural issue with no relation to [ISIS] or other individuals.” The official added, “We should not open this small issue wide enough to create rumors across the country.” The official also urged Iranians to not fan the flames of conjecture.

Iran’s Supreme Council of Cyberspace also announced that there was no threat to citizens’ information on the government website. The Council announced that the hackers used fake names for propaganda. The Secretary of the Council stated that these hacks were no surprise, happening everywhere around the world, as even the SWIFT network was attacked recently.

“As the result of the recent hacking of government websites, we can assure you that there are no problems whatsoever regarding citizens’ information,” stated Abolhassan Firouzabadi, Secretary of the Supreme Council of Cyberspace.

Tasnim reported on May 26 that two Saudi statistical websites had been hacked just one day after Iran’s statistics centre was hacked. According to the article, no one had taken responsibility for the hacking, but some social media users speculated that the attacks on the Saudi statistical websites were in revenge for the hacking of Iranian statistical websites.

In a special May 25 report headlined “Saudi Arabia’s Cyber-War against Iran, What Is Iran’s Cyber Army’s Response?” Tasnim wrote that the hacker group Da3s also put an image of former Iraqi President Saddam Hussein on Iran’s statistical website, concluding that the hackers therefore were likely linked to Ba’athists or Takfiri extremist groups.

Tasnim reported that General Gholam-Reza Jalali, who heads Iran’s Civil Defence Organization [a military unit in charge of combating sabotage], had warned that Saudi Arabia intended to conduct cyber-attacks against Iran, though few paid attention to his warnings. Jalali said cyber-attacks would be the prime threat to Iran’s security this year.

Tasnim wrote that the attack on Iran’s statistical centre could be considered the “first bullet in the beginning of a cyber-war.” 

Iran has previously been the victim of cyber-attacks. The United States was behind an attack on Iran’s nuclear facility in Natanz, using a computer worm called Stuxnet, unique in its ability to cause damage.

Iran to Hold Cyber War Games

Speaking to Tasnim, Brigadier General Jalali pointed to cyber threats against Iran, saying that many hostile countries have established cyber armies, and the Islamic Republic is one of their possible targets.

“Holding specialized cyber war games is one of the priorities (of the Civil Defence Organization) this year,” the official said, adding that the exercises are aimed at monitoring and eliminating any problems and weaknesses in the country’s cyber defence network.

The remarks came after reports recently that the Statistics Centre of Iran had been subjected to a cyber-attack by online “hackers”

While some news reports say members of Daesh (ISIL or ISIS) were behind the cyber-attack, others say that a group supported by the Saudi government carried out the attack. Brigadier General Jalali had previously warned that Saudi Arabia was planning a large-scale cyber-attack against Iran.

Ein News:  and  Ein News 2

« Open Source Data Reveals Police Blunders
The CIA Is Driving Cyber Intelligence In Australia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

Bangladesh Association of Software & Information Services (BASIS)

Bangladesh Association of Software & Information Services (BASIS)

BASIS is the national trade body for Software & IT Enabled Service industry of Bangladesh.

LEADS

LEADS

LEADS is considered as a leading ICT Solution Provider and an IT partner of choice in Bangladesh.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

Qualcomm Technologies

Qualcomm Technologies

Qualcomm invents breakthrough technologies that transform how the world connects, computes and communicates.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

Reliance Cyber

Reliance Cyber

Reliance Cyber (formerly Reliance ACSN) help to monitor and manage your organisation’s security infrastructure 24/7, so you can make sure all threats and issues are dealt with.

Drata

Drata

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness.

Match Systems

Match Systems

Match Systems provides blockchain investigations, KYC, KYT, AML, Due Diligence and compliance services.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

Coffee Cup Solutions

Coffee Cup Solutions

We offer a full spectrum of IT Services, from our UK based Helpdesk to IT Consultancy and Cyber Security. Our team has the skills and experience to develop, deliver and manage IT for your business.

Solcon Capital

Solcon Capital

Solcon Capital is a forward-looking, technology-focused investment firm that is committed to identifying and investing in the most promising areas of innovation and development in the tech industry.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.