Iranian Hackers

By   ISBuzz Team
Writer , Information Security Buzz | Mar 26, 2018 07:30 am PST

Following the news that the US Justice Department announced charges against nine Iranians and an Iranian company for attempting to hack into hundreds of universities worldwide, dozens of companies and parts of the U.S. government, IT security experts commented below.

Gabriel Gumbs, Vice President at STEALTHbits Technologies:

gabriel gumbs“It is very difficult to quantify the frequency or impact of Nation State sponsored attacks, more importantly there is a lack of emphasis on the means by which these attacks are perpetrated. The consensus among security professionals is that passwords are a poor mechanism for securing data, and often when we hear about sophisticated attackers and their ability to penetrate systems and sensitive infrastructure the emphasis is placed on the attacker’s capabilities and less on the factors that allow skilled or unskilled attackers to be successful. A full eight percent of the targeted accounts had their credentials compromised – let’s not underestimate the attackers capabilities, however, let’s be clear that in all but a few cases, attackers prefer the path of least resistance and compromising credentials is still the preferred method.”

Sam Curry, CSO at Cybereason:

isbuzz author male 1“Iran has committed a crime, and there’s a price to pay for that. This is a significant development for the government and other nation states should take notice that if you commit cyber crimes against the United States there is a price to pay for your actions. This is the first time our government has indicted a nation for being linked to the cyber intrusion of government offices, such as the Federal Energy Regulatory Commission and Department of Labor and that shouldn’t be overlooked.

“I expect the Iranian government to use a plausible deniability defense and claim that these rogue hacking groups aren’t affiliated with Tehran. Any nation state, Iran in this case, can say these were rogue groups, but when there is overwhelming proof, the circumstantial evidence can pile up. What’s also interesting about today’s indictments is that the 2015 nuclear deal struck between Iran, the US and six other countries lifted crippling economic sanctions in return for their disarmament of their nuclear weapon program. Many experts point toward this agreement as the main reason cyber attacks originating from Tehran have significantly diminished. But the DOJs announcement shows a nation that continued its hacking operations in the face of this agreement.

“When you are a “pariah nation” such as Iran you still have to keep information flowing because information is a lifeline. We now see that as a nation-state, Iran’s playbook is to ensure there is currency flowing and a flow of information. For the United States, this is a precedent in establishing the message on how we as a nation will deal with sanctions. We are a country who respects the rule of law, and with that, follow up matters.”