A US government security agency has ratcheted up tension with Iran by warning that escalating state-sponsored attacks could turn destructive.
The Cybersecurity and Infrastructure Security Agency (CISA) director, Christopher Krebs, said in a statement dated Saturday that Iranian “regime actors and proxies” had ramped up malicious cyber-activity against US government agencies and industries of late.
“We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe,” he continued.
“Iranian regime actors and proxies are increasingly using destructive 'wiper' attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you've lost your whole network.”
Iran has indeed been pegged for several destructive cyber-attacks over recent years, most notably the Shamoon attack of 2012 on Saudi state oil giant Saudi Aramco which is said to have wiped the hard drives of over 30,000 machines.
Tensions between the US and Iran have risen since Donald Trump tore up the previous administration’s nuclear deal with the Islamic Republic and imposed economic sanctions which have emboldened hardliners in Tehran.
After Iran shot down an unmanned US drone last week the world is waiting for an American military response. A new report citing “two former intelligence officials” claimed that a retaliatory strike came online on Thursday evening.
It targeted a cyber-espionage group linked to the Iranian Revolutionary Guard Corps, the report claimed.
“In times like these it's important to make sure you've shored up your basic defenses, like using multi-factor authentication, and if you suspect an incident — take it seriously and act quickly. You can find other tips and best practices for staying safe online here,” concluded Krebs.