Since my last post in October, there has been no confirmation of which group was behind the cyber-attack on Westminster, or the role of the Iranian government in sponsoring or tasking the attackers (as noted in my last blog, The Times newspaper reported that the Iranian state was likely behind the attack). Since then, the Israeli General Nadav Padan, in charge of Israel's network security, has spoken out about the growing number of attacks orchestrated by Iranian state-sponsored hackers against Israel. General Padan, who is Head of the IDF C41 Cyber Defese Directorate, told the Reuters Cyber Security Summit that Iran is now responsible for many of the thousands of attacks carried out on Israel each day. The controversial nature of Israeli Foreign Policy continues to stimulate acts of retribution from the Arab states, and Iranian cyber-attacks will, at least to some extent, represent long-standing resentment caused by the Stuxnet attack - rumored to have been carried out jointly by Israel and the US in 2010. This is surely evidence that Iran is continuing to wage war in the cyber domain.
General Nadav Padan Iran has featured heavily in the news of late. John Kerry (former US Secretary), recently rebuffed Donald Trump's claims that Iran is violating the Joint Comprehensive Plan of Action (JCOPA), arguing that there is no 'scientific bases' and 'no evidence' for Trump's claims, and that retaining the Iran nuclear deal is key to preventing a nuclear arms race in the Middle-East. Whilst there may be no evidence to indicate that Iran is defying the terms of the nuclear deal, the USA remains at the center of the cyber-attacks (see my earlier article: Iranian Hacking Threat to US if Nuclear Deal Collapses). However, last month's attack on the UK Parliament demonstrates that Iranian hostility is not confined to the US and Israel; the governments of other Western states are also being targeted. In the meantime, the people of Iran continue to suffer 'collateral damage', as they lose out form US government restrictions that prevent Iranians from hosting apps on the Apple and Google app stores. Iranians had previously been able to access and download Apple and Google software (as Communications Technology was exempt from the Iran embargo), and activists are putting pressure on Office of Foreign Assets Control (OFAC) to return to the Obama administration policy.
The United Kingdom (UK) Parliament appears to have been hacked by Iran. The cyber-attack on 23 June 2017 was a brute-force attack against 9000 email accounts including the UK Prime Minister Theresa May and in total between 30 to 90 members of Parliament.
The UK Times newspaper which broke the story, said that it was Iran’s first significant act of cyber-warfare on the UK and underlines its emergence as one of the world’s biggest cyber powers and that Iran is highly capable of such attacks.
The decision to publish the information now is interesting, coming after the US President Donald Trump's intent to withdraw from the JCPOA (Joint Comprehensive Plan of Action) against Iran, which could threaten to re-instate sanctions against Iran. The UK, France and Germany do not agree with the USA on the matter. Without complete agreement, perhaps Iran will not suffer from any new sanctions against it, as it appears that Iran has not violated any of the sanctions.
Iranian regime attack or amateur hackers?
The attack, which was suspected of being originally from Russia, may have been carried out by amateur hackers. At the time of the attack in June, it was said that the attackers could only break into the email accounts of members of Parliament (MPs) which had simple, easy to hack passwords. As a security response at the time, MPs were unable to access their accounts and had to communicate using SMS texts instead. It now seems, however, that the regime may perhaps have after all been behind the attack?
Reasons for the attack
The reasons for the attack are unknown (or at least the British Intelligence services are not saying), but could be:
Exploratory activities: Iran may have been looking for UK data that Iran could then force the UK to make concessions with, or that could compromise the interests of the UK
Iran may have been looking for a trade advantage
More worryingly is the possibility that the IRGC (Iranian Revolutionary Guards Corps) may be seeking to undermine Iran's anti-nuclear proliferation deal in order to get it scrapped; Iran could then restart its nuclear weapons research.
The IRGC are at odds with President Hassan Rouhani, who they see as being too pro-West and the religious leader of the regime, Ayatollah Khamenei is linked with the IRGC, so there is an ongoing rift between the religious and political leadership of Iran, partly due to Rouhani slashing the IRGC's budget to restrict their economic activities.
An uncertain future
In my previous article, it is possible that Iran may seek to increase cyber-attacks against the USA if the US walked away from the JCPOA. Now that President Trump appears to be doing that, even if Germany, UK and France don't agree, we may see an increase in the cyber war from Iran against the West.
