CYBER ALERT: DHS Warns Of Iran’s Cybersecurity Threat
The Department of Homeland Security (DHS) just recently issued a warning to businesses in the United States of possible looming cyberattacks from the nation state of Iran.
The State Of Iran—Will They Attack YOU?
Iran’s reputation for skilled cybercriminals and hackers is of top of mind for leaders in the US intelligent and cybersecurity communities going forward. Iran’s cybercrime is one of the world’s most aggressive, with potential to target public and private sectors (thing full-blown ransomware attacks shutting down entire networks).
Some concerning points from DHS’ recent report (things you should know):
The cause of the heightened cyber threat—on January 2, 2020, the United States carried out a lethal strike in Iraq killing Iranian IRGC-Quds Force commander Qassem Soleimani. This has riled up both the Iranian government leadership and criminals, alike, against the United States and its businesses.
Extremist groups already up in arms—Iranian leadership and several affiliated violent extremist groups have already publically stated that they intend to retaliate in serious ways against the United States. At this time, the most likely means of force is predicted to primarily affect the security and privacy of business and government computer networks.
Attackers have been substantiated—at this time there is no information indicating a specific or credible attack, but the Department of Homeland Security have detected threats from Iran and partner organizations, such as Hezbollah, who all have previously demonstrated intent and capability of conducting serious operations within United States networks.
Previous US-focused attacks have included cyber-related attacks—the Iranian government has shown capabilities in plotting and implementing cybersecurity plans against major cyber targets in the United States.
Iran is a leading force in the cyber community—as mentioned above, Iran is completely capable and fully staffed with a technology-minded workforce that is capable of carrying out attacks.
Iran is currently identified housing terrorists—Iran is currently one of the hot beds for homegrown talented extremists for cybersecurity.
Bottom line: no one is worried about bombs. What security experts are concerned is laser-focused on attacking your network.
Top DHS Cybersecurity Official Warns To Pay Attention!
The top cybersecurity official at DHS, Christopher Krebs, warns businesses to keep up on what is going on in current events in the next few months—don’t keep your heads in the sand! He specifically mentioned “Pay close attention to your critical systems,” he mentioned in a tweet.
Krebs goes on to say that accessing your network might lead to a very serious situation: “What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”
What can you do to stay safe?
Stay Alert — as I mentioned above, making sure you understand what’s going on, who’s being targeting and how you might be impacted.
Be prepared for cyber disruptions — know that a cyberattack might come to fruition. Instead of keeping a mentality of “this would never happen to me”, understand how your disaster recovery plan works. Make sure to test it. If you are capable of restoring from a ransomware or outage perspective, you will be prepared in the event an attack occurs.
Be responsible for your personal security — make sure everyone on your team understands the threats of these cyberattacks and realize that these attacks may go far beyond your office walls. Everyone’s personal security impacts the security of your group!
Implement basic cyber hygiene practices — understand what best practices are and where your gaps lie.
The easiest first start?
Many security experts recommend a vulnerability assessment to shore up your vulnerabilities.