A
report has been recently issued regarding Iran’s
possible plans to carry out cyber
attacks
in USA. This report is really surprising not only because of the
shocking claims but also the identity of the reporters. A Silicon
Valley cyber security Company and a Washington think tank which has
been one of the strong oppositions of the nuclear deal with Iran had
issued this report. The report warns that if US removed the sanctions
against Iran, the Iranian government will use the money to strengthen
its Cyber warfare program.
However,
it is interesting to know that before publication of the report, the
Silicon Valley cyber security company has been sharing his
information about Iran’s cyber warfare with US intelligence
organisations. According to some US government officials, the
information provided by the security company received negative
reactions from the US officials that were trying to reach nuclear
deal with Iran.
Based
on this report, which was written by the cyber security company Norse
in January of this year, Norse company claimed that it had data on
“more than 500,000 attacks on Industrial Control systems over the
last 24 months” referring to the computers that help to run
electricity generation companies, hydroelectric facilities, and other
critical infrastructure in the U.S.
Norse’s
claim of half a million “attacks” is a very large number and they
haven’t explained or shown any evidence in the document to prove
their claim. They have just mentioned that more details are
forthcoming in a report that the company will publish “later this
year.” The bulletin also claims that Iran is targeting computer
systems and Web sites inside the United States.
It
seems that Norse company’s conclusions were based on the idea that
Iran was behind malicious cyber activity just because the traffic was
emanating from particular Internet protocol addresses located in
Iran. But hackers
routinely use IP addresses outside their own country to hide their
true location.
Iranian
cyber attacks against U.S. are not new: the cyber attack on the Sands
casino company destroyed some of the company’s information assets
and Iran was behind an attack on U.S. bank websites in 2012. However,
the Norse document was making some of the most possible serious
claims in cyber security accusing Iran as a country hostile to the
U.S. targeting industrial control systems.
Later,
Norse appeared to remove its findings when its joint report was
published in April and the claim of 500,000 attacks is nowhere
to be found in that document.
The findings also says that Iran specifically targeted Industrial
Control Systems (ICS)
in the United States 47 times during 2014. Yet again, the final
report also doesn’t include that statement.
This
report was intended to present a strategic view of Iran’s
capabilities in cyberspace—which many U.S. officials have described
as growing and dangerous and not to provide evidence for the U.S. to
carry out some retaliatory action before any crime has taken place.
Kurt
Stammberger, who is a senior deputy managing director at Norse,
defended the report by saying that “briefing summaries [such as the
bulletin] make theories that sometimes, at
the
end of the day, aren’t produced by the data”.
Norse’s
critics say that it isn’t definitive enough to say that Iran was
certainly trying to target industrial control systems. And it could
make Iran look like more of a threat than it might actually be.
Even
some of Norse’s critics have said that their ability to collect
huge amounts of technical data is impressive and important. Although
we don’t deny the company’s expertise but they are clearly not an
expert on Iran.
