Iranian Hackers Attack The US, Not Very Badly

United States security agencies are seeing an increase in cyber security threats, as Iranian officials vow revenge against the US, for killing a top general.

The Department of Homeland Security’s cybersecurity team released an advisory  on Monday 6th warning public and private sector organisations of increased cyberattacks after the United States using a drone strike in Baghdad killed Iranian General Qasem Soleimani, a very influential leader in the Middle East. 

The guidance from DHS’ Cybersecurity and Infrastructure Security Agency, which is charged with protecting critical infrastructure from cyberattacks, recommended that organisations review their emergency preparedness plans and stay up to date on current threat intelligence. 

The advisory comes as CISA and other government entities prepare for retaliatory action from Iran that has attacked US bases in Iraq and other attacks that experts say has already included cyberattacks on the US.

The city of Las Vegas experienced a cyber compromise at 4:30 a.m local time on Tuesday 7th. The city’s Information Technologies Department is assessing the extent of the compromise. When aware of the attempt, the city immediately took steps to protect its data systems. People interfacing with the city may experience brief interruptions of service, but so far those interruptions have been minimal. The city will have a clearer picture of the extent of the compromise over the next 24 hours.

The breach in Las Vegas comes amid tensions with Iran and a warning from Homeland Security of "potentially disruptive and destructive" Iranian cyber operations.

Texas Governor Greg Abbott warned citizens to be “particularly vigilant” regarding potential cyberterrorism from Iran, suggesting that heightened tensions with the country have caused an increase in attempted attacks on state agencies.
“This is something that everybody in the state of Texas needs to be concerned, prepared and be able to address,” Abbott said Tuesday 7th January during a meeting of the Domestic Terrorism Task Force. This is the force he formed after last year’s anti-Hispanic deadly mass shooting in El Paso. “I think it’s very important that everybody be particularly vigilant about what may happen out of Iran.” he was quoted in the Texas Tribune.

On the same day as he spoke a group of self-described Iranian hackers defaced a Texas government department website.
A website defacement is typically a low-skilled hack in order to spread a particular message and normally doesn't pose any other tangible security risks. However, these defacements are likely to receive more attention at this moment due to heightening tensions between the US and Iran and the fact that they are visible on public websites. 

Obviously this come after last week’s US attack when President Trump ordered the assassination of Iranian military commander Qassem Soleimani, which Iran has vowed to respond to. "Hacked by Iranian Hacker," the defacement on the site of the Texas Department of Agriculture reads, along with an image of Soleimani. The defacement claims "Shield Iran" carried it out. Other recent defacements, including those against the Sierra Leone Commercial Bank. 

Even though the defacement itself attributed responsibility to a particular group, it is difficult from the outset to know exactly who carried it out.

The defacement shouted-out several different nicknames. A Google search of one of those led to another, previous defacement, which said "Long live Ashiyane." Ashiyane was an established Iranian hacking forum. A Google search for terms included in the defacement led to several other websites with the same or similar image. One for the Parikrma Humanity Foundation, a non-profit in Bangalore, contained largely the same defacement but also included a rap music track. The site for the South Alabama Veterans Council was also hit.   

Another US government website was also hit. This was the Federal Depository Library Program, included an image of President Trump being punched in the face. "Hacked by Iran Cyber Security Group Hackers," the defacement read.
Although Iran does not have the same calibre of cyber capability as Russia, China, or the US, its hackers can still do damage and be particularly aggressive.

In 2012 hackers working for Iran knocked out 30,000 computers belonging to Saudi state oil company Saudi Aramco. 

Vice      Texas Tribune:       Fifth Domain:        NBC News 3 LV:

You might Also Read: 

Iran's Cyberwar Response To Its General's Killing:
 

 

« 2020: Top Issues In Cyber Security
British National Cyber Security Chief Steps Down »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

National Authority Against Electronic Attacks (NAAEA) - Greece

National Authority Against Electronic Attacks (NAAEA) - Greece

The National Authority Against Electronic Attacks (NAAEA) is the national computer emergency response team of Greece.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

Modux

Modux

Modux focus on a number of core competencies across cyber security including; cyber intelligence & analytics, penetration testing and training.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

Seculert

Seculert

The Seculert Attack Detection & Analytics Platform combines machine-learning based analytics and threat intelligence to automatically detect cyber attacks inside the network.

itbox.online

itbox.online

Itbox.online offers IT solutions to ensure that your company's technologies are always available and secure as your business demands.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

DataCloak

DataCloak

DataCloak is an innovation company that focus on providing enterprise data-in-motion security solutions based on zero-trust security technology.

Thridwayv

Thridwayv

Thirdwayv helps your enterprise realize the full potential of loT connectivity. All while neutralizing security threats that can run ruin the customer experience - and your reputation.

Brighterion

Brighterion

Brighterion solutions stop payment and acquirer fraud, reduce credit risk and delinquency, fight financial crime, prevent healthcare fraud, waste and abuse, and more.

TrueFort

TrueFort

TrueFort take an application-first approach that offers comprehensive protection for real-time visibility and analysis, protection and better communication across business, IT, and security teams.

Reliance Cyber

Reliance Cyber

Reliance Cyber (formerly Reliance ACSN) help to monitor and manage your organisation’s security infrastructure 24/7, so you can make sure all threats and issues are dealt with.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

Sphinx

Sphinx

Sphinx provide advanced security consulting services and cyber solutions to federal and private industry.

UBDS Digital

UBDS Digital

UBDS Digital is your Digital Lifecycle Partner for Secure Cloud Transformation.