Move Over China, Iran May Have Been Source of Latest Cyberattacks on the U.S.
October 16, 2012 4:25 AM
comment(s) - last by
It appears Iran may have reverse engineered U.S.-made malware and turn it back on the U.S. and its ally
When it comes to cyberaggression against the U.S., the
typical culprit is China
. But growing evidence suggests that a recent round of malware cyberattacks on the U.S. and its Middle Eastern ally Saudi Arabia may have been the work of Iran. Further, the evidence hints that the Iranians may have cleverly turned malware that the U.S. used on it in cybersabotage attempts back on the attackers.
I. Def. Secretary Implies Iran is Behind New Malware Attacks
The attacks in question revolved around a piece of malware
dubbed Shamoon or Disttrack
by security researchers. This particular malware -- which resembles the sophisticated Flame package the U.S.
used to spy on Iran
to attack its oil industry
hit the Saudi Arabian Oil Comp. (Aramco)
, the world's largest oil producer and privately held company.
The New York Times
acknowledge that there has been no formal announcement from Defense Secretary Leon E. Panetta that the attacks originated in Iran, but they say the evidence points to Tehran. One unnamed consultant is quoted as saying, "What the Iranians want to do now is make it clear they can disrupt our economy, just as we are disrupting theirs. And they are quite serious about it."
In a recent speech Sec. Panetta did seem to implicate Iran in a roundabout way, stating, "Iran... [has] undertaken a concerted effort to use cyberspace to its advantage."
DoD Secretary Leon Panetta implied that Iran was behind the latest cyberattacks.
[Image Source: The New York Times]
James A. Lewis, a senior fellow at the
Center for Strategic and International Studies
, comments in an
, "His speech laid the dots alongside each other without connecting them. Iran has discovered a new way to harass much sooner than expected, and the United States is ill-prepared to deal with it."
In addition to causing maintenance headaches for Aramco, the malware attack also lashed out at top U.S. financial institutions, creating difficulties -- in some cases -- for customers accessing accounts. Experts say this is possibly the first time Iran has used malware against its foes; Iran's past cyberwar efforts have focused on crude brute-force methods, such as distributed denial of service (DDoS) strikes.
II. Iran -- More Feisty Than Expected
The attacks show that Iran is proving a more savvy foe technologically than the U.S. anticipated. Much like Iran's
clever spoofing effort
down a U.S. spy drone in early Dec. 2011
, the new attacks show Iran's so-called Passive Defense Organization (PDO) indeed acting in a reactionary manner as its name implies.
In both cases, the U.S. appears to have initiated the first strike, but Iran proved savvy enough to offer a substantial response. That's a big victory for Gholamreza Jalali, a veteran of Iran's Revolutionary Guard, who now leads Irans PDO,
who vowed to
"to fight [Iran's] enemies" in "cyberspace and Internet warfare".
Iran has vowed to defend itself against U.S. cyberagression.
[Image Source: Interplay (cover art for
For the U.S. it represents the entrance into a shadowy and uncertain world in which the playing field is somewhat leveled between the strong and the weak in terms of traditional military. Long outlined by science fiction visionaries like William Gibson, this war is quite different from conventional warfare in that its most powerful weapons may be used without the general public ever knowing.
III. U.S. Sees Its Own Weapons Turned Against it
U.S. Department of Defense
officials reportedly disagreed recently on whether we should announced our cyber-weapons as a deterrent, similar to how America flaunts its nuclear arsenal. However, the prevailing sentiment is that cyberweapons are best kept secret, as there's no tactical gain to mentioning them. Comments one defense official speaking to
, "The countries who need to know we have [cyber-weapons] already know."
Sec. Panetta in his comments suggests that the U.S. needs to up its counter-offensive capabilities in cyberspace to protect itself and its allies. He opines, "We won’t succeed in preventing a cyber attack through improved defenses alone. If we detect an imminent threat of attack that will cause significant, physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us to defend this nation when directed by the president. For these kinds of scenarios, the department has developed that capability to conduct effective operations to counter threats to our national interests in cyberspace."
Some have said that
increased cooperating between the government and private sector firms
(e.g. in this case, the bank industry) in order to protect the market. But such efforts bring thorny issues of
privacy and market meddling
The idea of pre-emptive cyberstrikes is also controversial. That appears to be what the U.S. did against Iran, and it's now apparent that there may have been some reprecussions, when the foe proved less weak and susceptible than expected. The U.S. did
set back Tehran's economy and nuclear ambitions
. But now, as they say, the worm has turned, and it's seeing its own weapons reverse-engineered and turned back at it and its allies.
The U.S. has seen its own cyber-weapons turned against it. [Image Source: TechTear]
Of course such a phenomena isn't unique to the cyber realm, it's important to remember -- after all the U.S. funneled conventional weapons to Saddam Hussein and the Taliban only to see the weapons later turned against it in the hands of terrorists, insurgents, and hostile regimes.
The New York Times
Foreign Policy [blog]
This article is over a month old, voting and posting comments is disabled
RE: Is it 1984 yet?
10/17/2012 2:11:47 AM
Iran is a joke and could hack through a tree branch with a hatchet.
Their nuclear program is based on a 40+ year old russian design, they have no uranium, nobody will sell them uranium, they didn't hack into our UAV but they did a great job taping it back together after it crashed into the ground. I love how they put these pro-elegant twists on everything to make it out in their favor.
UAV crashed, let's say WE HACKED IT
USA got hacked into, let's say WE DID IT
World thinks we got advanced nuclear program, LET'S AGREE AND MAKE THEM SCARED.
The current regieme is a joke. I have Iranian friends who fled in the 70's when their government collapsed and they know more than anybody that the current regieme is a joke.
Keep an eye on them, that's all thats neccessary. War, fear, neurological sparks, all completely unneccessary.
"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer
Iran Accuses U.S., Israel of Causing "Unwanted Slowness" on its Internet
October 4, 2012, 4:34 PM
Saudi Oil Giant Spills Details on How 30,000 of Its Systems Were Hacked
August 27, 2012, 2:32 PM
Oil Exporters Attacked by Malware Similar to That Used to Attack Iran
August 17, 2012, 12:30 PM
Following Defeat, Obama to Reportedly Push Cybersecurity Bill With Executive Orders
August 7, 2012, 7:26 PM
President Obama Scolds Businesses, Urges Passage of Cybersecurity Act
July 20, 2012, 5:16 PM
Chris Poole Retires From Role as 4Chan After a Decade of Success, Struggles
January 23, 2015, 1:45 PM
Study Shows People are Dumb as Ever With Passwords, Still Using "123456"
January 20, 2015, 3:19 PM
Site for "Glitter as a Service" Mail Pranks, ShipYourEnemiesGlitter, Launches
January 13, 2015, 2:22 PM
OS X Yosemite Compromises Security by Retrieving Embedded Email Images
January 13, 2015, 11:30 AM
ISIS JIhadi From NZ Accidentally Shares Location on Twitter, Outs Cohorts in Selfie
January 3, 2015, 11:35 PM
Amazon's Kindle Fire HDX 8.9 Drops to $299 (30 Percent Off) for a Day
December 22, 2014, 10:57 AM
Most Popular Articles
Microsoft Shows Off Latest Windows 10 Build, Preps it for Next Week Release
January 21, 2015, 2:57 PM
Under the Hood: How DirectX 11.3 and 12 Will Supercharge Windows 10 Gaming
January 23, 2015, 12:34 PM
BlackBerry CEO Claims Devs are Violating Net Neutrality by Not Supporting BB10
January 22, 2015, 4:37 PM
Report: Samsung Drops Snapdragon 810 From Galaxy S6, Will Use Its Own Chips
January 21, 2015, 1:47 PM
Will Google Become America's Fifth Major Carrier?
January 22, 2015, 12:42 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information