Iran became a major cyber terror threat to the US in the last 12 months and targeted several US government agencies but with regard to the Iranian lack of skills in this area it means that for now it has not been possible that Iran causes significant damage. Iran is more than five years behind countries like China, the US and Russia in terms of cyber capabilities but with the right resources that gap could be removed quickly especially considering Iran is the historical enemy of the US.
Security company Mandiant in its latest report describes Iran's development from cyber-obscurity to becoming a credible but unsophisticated threat. Mandiant is the same company which last year revealed the extent that Chinese government funded cyber espionage was carried out. In the company's report M Trends 2014 it is written that “threat actors” based in Iran "pose an ever-increasing threat due to Iran's historical hostility towards US business and government interests."
The report reveals that it observed "threat actors" based in Iran who target the networks of several US government agencies. In the report it is written that "Employees at a US state government office discovered evidence that someone had accessed multiple systems within their network without authorization. An internal IT department investigation found indications of data theft and unauthorized use of privileged credentials."
The security company said that the data that these actors steal "lacked a discernible focus or demonstrated intent". This suggests that the purpose of the attack is more likely "reconnaissance of the potential target's networks." Attacks that originate in Iran, are on a very low level of technical skill and those carrying out the attacking use off-the-shelf tools which are relatively easy to defend. Mandiant says that the victim detects 75% of all attacks from Iran.
No comments:
Post a Comment