US Officials are now preparing for Iranian cyberattacks. According to FBI Director Christopher Wray, “The cyber targeting of American interests and critical infrastructure that we already see conducted by Iran and non-state actors alike we can expect to get worse if the conflict expands.”
According to this recent news article from Politico, Iran supports a network of sophisticated cyber operations that are similar in capacity to those in Russia and China. With the current conflict in Gaza and the fact that Tehran has launched attacks against the US in the past, the risk is even higher now. They are funded, capable, and now more motivated.
Most attacks are a result of an attacker stumbling across a vulnerable system or exploitable weakness that already exists. When we are talking about nation-state attacks, the game changes. The motivation is to do damage, not about monetary gain or bragging rights. Attackers will use techniques, not to gain controls or hold data hostage, but to shut down systems to damage an entire nation. To be clear, it won’t matter if you are not contributing millions to the country’s economics or that you are too small to be a contributing factor in cyber warfare. The targets are selected for mass damage. Collateral damage should not be ignored.
The first thing we can do is to be aware that the threats are active. The war in Ukraine appeared to be contained to the local region. With the Israeli-Hamas conflict, the neighboring regions are saturated with tension, and possible retaliation from surrounding regions could expand the war globally.
According to an NBC news article, “The conflict between Israel and Hamas militants in Gaza has set off a chain reaction in the Middle East, and Western officials are increasingly concerned that it could trigger a wider war that draws in more nations.”
Again, that war will likely include cyberattacks, and not just of the ransomware variety.
Preparing systems to protect themselves from global cyberattacks goes beyond the Internet and remote access. Diligence is needed to address our cybersecurity programs to include recovery options, awareness training, and supporting our security teams to detect and respond appropriately to incidents quickly and effectively. These all start with a security plan and an understanding of the current shortcomings of our system’s security.
We must design systems with the ability to thwart cyberattacks and provide quick reactions to attempts from anywhere (i.e. zero-trust). We may not be able to stop a zero-day attack, but being able to detect and respond to them will determine how well we as a nation are prepared for global cyber warfare.
How can Duffy help? Making sure your systems are as secure as possible and that vulnerabilities are reduced is one step you can take against larger threats. Contact us today for an initial vulnerability assessment.