Iran’s Potential Cyber Retribution Strategies Against US – 3 Experts Comments

In response to US actions against Iran and the potential of escalation on the cyber front, three cybersecurity experts with KnowBe4 with strong defense and national security background offer perspective.

Experts Comments

January 07, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
While the USA is always a target to nation states, organizations should be aware of a potential targeted cyber attack due to the recent actions by the US government. Organizations will want to be on alert, but not to panic. There have been no attributed attacks as of yet and while the USA is always under a cyber attack, there is a need for additional monitoring and awareness within their networks. Respectively, organizations having a robust security program should already be actively.....Read More
While the USA is always a target to nation states, organizations should be aware of a potential targeted cyber attack due to the recent actions by the US government. Organizations will want to be on alert, but not to panic. There have been no attributed attacks as of yet and while the USA is always under a cyber attack, there is a need for additional monitoring and awareness within their networks. Respectively, organizations having a robust security program should already be actively monitoring for unusual activity. They want to be vigilant to remote access connections by making sure all supply chain access is monitored, authorized and considered valid. It's important for organizations to alert their human firewalls with training and education about potential attacks and a strong awareness to potential spear phishing attacks. The US has seen attacks from various nation states to the critical infrastructure networks in the past, like water, energy, transportation and healthcare organizations and they will want to be alert of the potential impact and take the appropriate actions.  Read Less
January 07, 2020
Erich Kron
Security Awareness Advocate
KnowBe4
Modern military actions and warfare has transcended from purely kinetic attacks to hybrid cyber and Kinetic attacks. It’s reasonable to expect that there will be a response on the cyber side, especially given Iran’s advanced capabilities in the space. There is the possibility they already have access to systems as part of their APT groups and may leverage these at any time with attacks on the public and private sectors. We can also expect that non-Iranian attackers will use the emotional .....Read More
Modern military actions and warfare has transcended from purely kinetic attacks to hybrid cyber and Kinetic attacks. It’s reasonable to expect that there will be a response on the cyber side, especially given Iran’s advanced capabilities in the space. There is the possibility they already have access to systems as part of their APT groups and may leverage these at any time with attacks on the public and private sectors. We can also expect that non-Iranian attackers will use the emotional tensions around the situation to craft phishing attacks designed to install malware or steal credentials. This is often the case around emotionally charged situations such as this.  Read Less
January 07, 2020
Rosa Smothers
SVP of Cyber Operations
KnowBe4
We know APTs 33 and 34 are associated with Iranian state sponsored hackers. Every company in the SCADA and ICS space should already be proactive in safeguarding against these (and other) APTs; if we're doing our jobs right, then admins aren't in a state of emergency right now over the potential of Iranian implants lying dormant on our networks. It's also important to keep in mind US CERT's ongoing bulletins regarding Iranian cybersecurity threats, which consistently warn industry as to their.....Read More
We know APTs 33 and 34 are associated with Iranian state sponsored hackers. Every company in the SCADA and ICS space should already be proactive in safeguarding against these (and other) APTs; if we're doing our jobs right, then admins aren't in a state of emergency right now over the potential of Iranian implants lying dormant on our networks. It's also important to keep in mind US CERT's ongoing bulletins regarding Iranian cybersecurity threats, which consistently warn industry as to their go-to access methods - phishing attacks and password spraying. Critical infrastructure must remain vigilant and utilize security solutions such air gaping, deploying endpoint protections and training employees to spot and report social engineering and potential insider threats.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts