Special Cyber Security and Intelligence update due to recent Iran & USA relations
David Palmer OBE
While the eyes of the world are on potential military escalation following the killing of Gen Soleimani, we must be aware of the major threat from Iran’s extensive cyber warfare capability, which has a major potential impact for commercial organisations despite physical de-escalation, which might push Iran into light cyber skirmishes to remind the West that it is still extremely capable. While Iran cannot match the US and its allies in military terms, it has one of the most potent and aggressive cyber organisations, equal in scale to those of Russia and North Korea. It has already shown its capability over recent years, attacking both government and industry of nations and their allies that Iran opposes, as well as making a high proportion of its national income from ransomware. The US DHS has warned businesses to prepare for Iranian cyber attacks, as well as causing disruptive effects against national critical infrastructure, with its ‘cyber terrorism’ in the form of disruption, ransomware, phishing and network delays. Already we are seeing major disinformation and propaganda, with activity expected to increase. Iranian cyber-criminal groups are activating with Iranian government support to target businesses and public sector organisations, particularly organisations connected with essential functions of democracy, such as think-tanks and NGOs. It has already started attacks on US institutions, The US Federal Library (FDLP) was breached and its website defaced this weekend. There are many examples of Iranian cyber defacement attacks, which we see as a main risk for Paratus clients and associates.