First Shots Of A New Cyber War

Iran and Saudi Arabia are throwing punches in a virtual war.

After a cyber-attack on an Iranian official website, allegedly launched by a Saudi hacking team, Iranian cyber activists hacked a couple of Saudi websites in response. The move was followed by counter-attacks, which is now raising the question whether the two countries are involved in an outright cyber-war.

According to a report by Al Monitor, numerous Iranian media outlets announced on May 25 that the website of The Statistical Centre of Iran was hacked and temporarily put out of use.

Later on, the portals of Iranian Organization for Registration of Deeds & Properties, the Post Company, and Ahvaz University of Shahid Chamran were also reportedly hacked by unknown groups of hackers. The hackers’ signatures on these websites were “Mafia Hacking Team” and “Da3s Hacker”, TechRasa reported.

News agencies wrote that the hackers were “outside of Iran” but little else was known about them. On May 28, Mizan quoted Iranian Communications Minister Mahmoud Vaezi as saying that the IP of hackers who infiltrated Iran’s government websites was in Europe.

However, many websites speculated that either ISIS or Saudi Arabia had conducted the attack. The low-level attack was followed by two attacks, on Saudi Arabian statistical websites and the portal of King Abdulaziz University on May 26. Tasnim quoted a statement by the Iranian hackers as published on the hacked websites, “Iranian Hackers were here. Hacked by Shahin Sh. Iran Security Team.”

In an article headlined “The Announcement of a Cyber-War by Saudi Arabia against Iran?” Tabnak wrote, “While many websites assumed this website was hacked by [ISIS] … it appears it was a Saudi hacker group.”

Al Monitor quoted Tabnak as rejecting the idea of ISIS involvement because the hackers referred to themselves as “Da3s,” as in “Daesh,” an acronym the terrorist group does not use for itself. A Twitter account associated with Da3s hackers followed a few well-known Saudi accounts, and Tabnak concluded that a Saudi group had conducted the attack with government backing.

The DA3S, which has officially claimed responsibility for the cyber-attacks, wrote on the main page of the hacked websites that it is not linked with the ISIS terrorists group, aka Daesh, and is only “one Sunni Muslim”, Trend quoted Iranian media as saying.

As DA3S sounds like Daesh, it could be mixed up with the Arabic name of the ISIS terrorist group. In any case, the screenshots provided of the hacked website appear to show that the hackers either wanted Iran to know that they were Saudi or that they intended to make it appear that they were.

An article in Iran newspaper, perhaps in an attempt to downplay the speculation and tensions, reported that a source in the Statistical Centre of Iran denied that its website was hacked at all. The official called the problems with the site “a natural issue with no relation to [ISIS] or other individuals.” The official added, “We should not open this small issue wide enough to create rumors across the country.” The official also urged Iranians to not fan the flames of conjecture.

Iran’s Supreme Council of Cyberspace also announced that there was no threat to citizens’ information on the government website. The Council announced that the hackers used fake names for propaganda. The Secretary of the Council stated that these hacks were no surprise, happening everywhere around the world, as even the SWIFT network was attacked recently.

“As the result of the recent hacking of government websites, we can assure you that there are no problems whatsoever regarding citizens’ information,” stated Abolhassan Firouzabadi, Secretary of the Supreme Council of Cyberspace.

Tasnim reported on May 26 that two Saudi statistical websites had been hacked just one day after Iran’s statistics centre was hacked. According to the article, no one had taken responsibility for the hacking, but some social media users speculated that the attacks on the Saudi statistical websites were in revenge for the hacking of Iranian statistical websites.

In a special May 25 report headlined “Saudi Arabia’s Cyber-War against Iran, What Is Iran’s Cyber Army’s Response?” Tasnim wrote that the hacker group Da3s also put an image of former Iraqi President Saddam Hussein on Iran’s statistical website, concluding that the hackers therefore were likely linked to Ba’athists or Takfiri extremist groups.

Tasnim reported that General Gholam-Reza Jalali, who heads Iran’s Civil Defence Organization [a military unit in charge of combating sabotage], had warned that Saudi Arabia intended to conduct cyber-attacks against Iran, though few paid attention to his warnings. Jalali said cyber-attacks would be the prime threat to Iran’s security this year.

Tasnim wrote that the attack on Iran’s statistical centre could be considered the “first bullet in the beginning of a cyber-war.” 

Iran has previously been the victim of cyber-attacks. The United States was behind an attack on Iran’s nuclear facility in Natanz, using a computer worm called Stuxnet, unique in its ability to cause damage.

Iran to Hold Cyber War Games

Speaking to Tasnim, Brigadier General Jalali pointed to cyber threats against Iran, saying that many hostile countries have established cyber armies, and the Islamic Republic is one of their possible targets.

“Holding specialized cyber war games is one of the priorities (of the Civil Defence Organization) this year,” the official said, adding that the exercises are aimed at monitoring and eliminating any problems and weaknesses in the country’s cyber defence network.

The remarks came after reports recently that the Statistics Centre of Iran had been subjected to a cyber-attack by online “hackers”

While some news reports say members of Daesh (ISIL or ISIS) were behind the cyber-attack, others say that a group supported by the Saudi government carried out the attack. Brigadier General Jalali had previously warned that Saudi Arabia was planning a large-scale cyber-attack against Iran.

Ein News:  and  Ein News 2

« Open Source Data Reveals Police Blunders
The CIA Is Driving Cyber Intelligence In Australia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

D-RisQ

D-RisQ

D-RisQ is focussed on delivering techniques to reduce the development costs of complex systems and software whilst maximising compliance

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

Cyber Security Austria (CSA)

Cyber Security Austria (CSA)

Cyber Security Austria (CSA) is an independent non-profit association with the aim to address security issues in the area of IT/cyber security of critical/strategic infrastructures in Austria.

KIOS Center of Excellence (KIOS CoE)

KIOS Center of Excellence (KIOS CoE)

KIOS carries out top level research in the area of Information and Communication Technologies (ICT) with emphasis on the Monitoring, Control and Security of Critical Infrastructures.

Approach

Approach

Approach is a leading provider of cyber security consulting and secure application development services in Belgium.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Combined Selection Group (CSG)

Combined Selection Group (CSG)

CSG are Global Talent Experts, we operate across 7 specialist sectors, including Information Technology and Cybersecurity, and take a pro-active approach to executive search and headhunting.

DarkLight

DarkLight

DarkLight is a cybersecurity platform that mimics human thinking at scale to build resiliency to Advanced Persistent Threats.

Cyber Intelligence 4U

Cyber Intelligence 4U

Cyber Intelligence 4U is an educational services company that provides two levels of cybersecurity training programs: executive and technical.

Adaptive Shield

Adaptive Shield

Addaptive Shield - Complete Control For Your SaaS Security. Proactively find and fix weaknesses across your SaaS platforms.

Cyber Readiness Institute (CRI)

Cyber Readiness Institute (CRI)

At the Cyber Readiness Institute, our mission is simple: empower small and medium-sized enterprises with free tools and resources to help them become more secure and resilient.

Insight Enterprises

Insight Enterprises

Insight is a leading solutions integrator, helping you navigate today’s ever-changing business environment with teams of technical experts and decades of industry experience.

VicOne

VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry.