Iranian Hackers Attack The US, Not Very Badly

United States security agencies are seeing an increase in cyber security threats, as Iranian officials vow revenge against the US, for killing a top general.

The Department of Homeland Security’s cybersecurity team released an advisory  on Monday 6th warning public and private sector organisations of increased cyberattacks after the United States using a drone strike in Baghdad killed Iranian General Qasem Soleimani, a very influential leader in the Middle East. 

The guidance from DHS’ Cybersecurity and Infrastructure Security Agency, which is charged with protecting critical infrastructure from cyberattacks, recommended that organisations review their emergency preparedness plans and stay up to date on current threat intelligence. 

The advisory comes as CISA and other government entities prepare for retaliatory action from Iran that has attacked US bases in Iraq and other attacks that experts say has already included cyberattacks on the US.

The city of Las Vegas experienced a cyber compromise at 4:30 a.m local time on Tuesday 7th. The city’s Information Technologies Department is assessing the extent of the compromise. When aware of the attempt, the city immediately took steps to protect its data systems. People interfacing with the city may experience brief interruptions of service, but so far those interruptions have been minimal. The city will have a clearer picture of the extent of the compromise over the next 24 hours.

The breach in Las Vegas comes amid tensions with Iran and a warning from Homeland Security of "potentially disruptive and destructive" Iranian cyber operations.

Texas Governor Greg Abbott warned citizens to be “particularly vigilant” regarding potential cyberterrorism from Iran, suggesting that heightened tensions with the country have caused an increase in attempted attacks on state agencies.
“This is something that everybody in the state of Texas needs to be concerned, prepared and be able to address,” Abbott said Tuesday 7th January during a meeting of the Domestic Terrorism Task Force. This is the force he formed after last year’s anti-Hispanic deadly mass shooting in El Paso. “I think it’s very important that everybody be particularly vigilant about what may happen out of Iran.” he was quoted in the Texas Tribune.

On the same day as he spoke a group of self-described Iranian hackers defaced a Texas government department website.
A website defacement is typically a low-skilled hack in order to spread a particular message and normally doesn't pose any other tangible security risks. However, these defacements are likely to receive more attention at this moment due to heightening tensions between the US and Iran and the fact that they are visible on public websites. 

Obviously this come after last week’s US attack when President Trump ordered the assassination of Iranian military commander Qassem Soleimani, which Iran has vowed to respond to. "Hacked by Iranian Hacker," the defacement on the site of the Texas Department of Agriculture reads, along with an image of Soleimani. The defacement claims "Shield Iran" carried it out. Other recent defacements, including those against the Sierra Leone Commercial Bank. 

Even though the defacement itself attributed responsibility to a particular group, it is difficult from the outset to know exactly who carried it out.

The defacement shouted-out several different nicknames. A Google search of one of those led to another, previous defacement, which said "Long live Ashiyane." Ashiyane was an established Iranian hacking forum. A Google search for terms included in the defacement led to several other websites with the same or similar image. One for the Parikrma Humanity Foundation, a non-profit in Bangalore, contained largely the same defacement but also included a rap music track. The site for the South Alabama Veterans Council was also hit.   

Another US government website was also hit. This was the Federal Depository Library Program, included an image of President Trump being punched in the face. "Hacked by Iran Cyber Security Group Hackers," the defacement read.
Although Iran does not have the same calibre of cyber capability as Russia, China, or the US, its hackers can still do damage and be particularly aggressive.

In 2012 hackers working for Iran knocked out 30,000 computers belonging to Saudi state oil company Saudi Aramco. 

Vice      Texas Tribune:       Fifth Domain:        NBC News 3 LV:

You might Also Read: 

Iran's Cyberwar Response To Its General's Killing:
 

 

« 2020: Top Issues In Cyber Security
British National Cyber Security Chief Steps Down »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZDL Group

ZDL Group

At ZDL (formerly ZeroDayLab) we take a comprehensive view of our clients cyber security risks and provide quality services to address those risk

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

Resolver

Resolver

Resolver’s Integrated Risk Management platform helps plan and prepare your organization to limit the likeliness or impact of security risk and compliance events from occurring.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

National Center for Manufacturing Sciences (NCMS) - USA

National Center for Manufacturing Sciences (NCMS) - USA

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Police Digital Security Centre (PDSC)

Police Digital Security Centre (PDSC)

PDSC is a not-for-profit organisation, owned by the police, that works across the UK in partnership with industry, government, academia and law enforcement.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

Cyber Smart Defense

Cyber Smart Defense

Cyber Smart Defense is a specialist provider of penetration testing services and IT security audits.

BridgingMinds Network

BridgingMinds Network

BridgingMinds Network is an industry leading best practices and IT security training provider in Singapore.

HACKNER Security Intelligence

HACKNER Security Intelligence

HACKNER Security Intelligence is an independent security consultancy delivering comprehensive security assessments across IT security, physical security, and social engineering.

Digimune

Digimune

Digimune is an all-encompassing cloud-based cyber risk protection platform that guards you against the dangers of our digital world.

Zama

Zama

Zama - pioneering homomorphic encryption. We believe people shouldn't care about privacy. Not because it doesn't matter, but because it shouldn't be an issue!

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.

Harmonia Holdings Group

Harmonia Holdings Group

Harmonia Holdings Group was born in 2006 with the vision to bring innovation and change to the federal IT sector.