Indra exposed - does Iran have a hacking problem?

It has recently been reported that the Indra hacking group is behind the recent attack on Iranian railway and transport infrastructure. This was publicly exposed on check point research website who named twitter user @Indra17857623 as culprit. This report is very interested as check point research have assessed that Indra is unlikely to be a nation state funded hacking group but then why did they attack Iranian infrastructure?

According to check point research Indra is unlikely to be nation state funded because they said their tools are not sophisticated and they are on twitter which makes them more likely to be a hacktivist group. What is shocking about this is that usually damage against national infrastructure is usually done by other nations however the railway hack clearly suggests that this is not the case anymore.

Check point research say that we should learn the lesson that

we should be more worried about attacks that are possibly but are not going to happen according to wisdom. With all the trouble caused by cybercrimes, hacktivisms and nation state meddling etc the sophistication of attacks is still small and often threat actors do not do thing even though they can and we rely on this too much.

Furthermore check point research also says that this type of attack should cause worry as the only thing stopping the frequency of these attacks is hackers boredom and restraint. In country like Iran where there is little employment and bad economy it is a worry that many skilled hackers could get bored soon and start attacking the state. Should the Islamic Republic be worried about this new hacktivism?

It will be interested to see if this activity persists. Will Indra carry on now that they have been exposed? According to their twitter page Indra is named after the hindu God of war so with such a strong name we can probably expect more from them. They state that they are against the Quds Force and proxies in the region so this might be something that continues for some time to come. 

Protection Bill

This week twitter users are angry about proposed internet protection bill that is being debated in Iranian parliament. The Bill will restrict internet access and threatens instagram one of the only western social media companies not blocked by the Islamic Republic.

However the problem is that many Iranians rely on instagram as a platform for e-commerce where they can earn money. At the moment the economy is in such a bad state that this is the only form of income for many peoples. What will happen if protection bill cancels Instagram?

Although it might still be possible to access instagram with VPN the bill would restrict this access so maybe not. Even if VPNs can still work instagram is much more popular in Iran than other banned networks which need a VPN like twitter and facebook. Will people still use instagram if it is not easily accessible? Maybe not, especially when also having to fight against power outages and internet blackouts.

The Iranian government has never liked free access to internet because it exposes their abuses and criticisms. However they have no problem using banned networks when it suits them as Khamenei has twitter. New president Raisi also created a twitter account during the election!

I hope that this protection bill never gets passed. It would be devastating for people and economy but the leaders want to keep peoples down on their knees.