Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



No Iranian cyber attack on the US? ‘It’s not that simple,’ security expert tells GlobalData

January 2020 by GlobalData

The spectre of an Iranian cyberattack loomed large following the assassination of Iran’s general, Qasem Soleimani, but it has so far – publicly, at least – gone unrealised.

GlobalData’s technology deputy editor Rob Scammell assesses the situation. Scammell says: “Tensions between Iran and the US have simmered after Tehran admitted it mistakenly shot down a Ukrainian passenger jet, killing all 176 people onboard.

“While the rhetoric on both sides has been dialled down, cybersecurity experts warn that any Iranian cyber-response would likely come in the coming weeks and months – not imminently.

“This is in part because Iran, in all likelihood, does not currently have the access to US computer systems that it needs to launch what it deems a commensurate response.

“When carrying out a cyberattack, hackers often use a process known as ‘lateral movement’ to move around the target’s network, searching for the key data and assets before striking.

Dave Weinstein, chief security officer for cybersecurity firm Claroty and a formerly of US Cyber Command, tells GlobalData: “Given the fact that we didn’t see anything in the immediate aftermath that was cyber-related, tells me that they probably didn’t have the assets that they needed to be able to pull off a proportionate response. So what we’ll see I think in the coming weeks and in the coming months is just more and more operations geared at gaining that access.”

In the immediate aftermath of the deadly airstrike against Soleimani on 3 January, hackers claiming to be “Iran cyber security group hackers” defaced a minor US government website with a picture of a bloodied President Donald Trump.

Malcolm Taylor, director of cybersecurity at ITC Secure and formerly of GCHQ, tells GlobalData: “We did not see much more than that, but of course it isn’t that simple. For example, it could be argued that a very strong Iranian cyber response may well have gone unnoticed – and could be in the form of laying down capability for later in case of increased tension with the US.”

This access to US networks, he tells GlobalData, would form a “contingency” that could be kept quiet until needed by Iran. “Intelligence agencies love back pocket material like this,” he concludes.

See previous articles


See next articles