Will Iran unleash a Cybersecurity tsunami on the US?
In October 2013, Sheldon Adelson, the casino magnate and prominent supporter of conservative politicians, appeared on a panel in New York in which he suggested that the US could send a message to Iran, regarding its nuclear ambitions, by detonating an American warhead in the middle of the Iranian desert.
Bloomberg reports Adelson as saying, “You want to be wiped out? Go ahead and take a tough position.”
Not surprisingly, Adelson went on to become a major supporter of President Donald Trump.
The critical implications regarding this past war of words came only months after Iran’s Supreme Leader Ayatollah Ali Khamenei said America should ‘slap these prating people in the mouth’.
In February 2014, hackers inserted malware into the computer networks of Adelson’s Sands Casino in Las Vegas.
The withering cyber-attack laid waste to approximately three quarters of the company’s Las Vegas servers, and the cost of recovering data and building new systems was reported to be US$40 million or more.
A year after the attack, a top US intelligence official confirmed that Iran was behind it.
Today, the US is again awaiting retribution from Iran, following a recent airstrike that killed Iran’s top general, Qassem Soleimani.
Iran strikes back
History will note that Qassem Suleimani was killed in Baghdad on 3 January, 2020.
Just hours later, a US government-operated website was hacked by a group claiming to be acting in retaliation for the killing of Suleimani.
There is no evidence as yet that this was an Iranian sanctioned attacked.
A spokesperson for the Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security, said the website was taken offline soon after the image appeared.
"We are aware the website of the Federal Depository Library Program (FDLP) was defaced with pro-Iranian, anti-US messaging. At this time, there is no confirmation that this was the action of Iranian state-sponsored actors.”
Whilst not a cyberattack, Iran has today officially retaliated, launching a series of rocket attacks that were fired at an Iraqi base hosting American soldiers.
“The fierce revenge by the Revolutionary Guards has begun,” Iran’s Islamic Revolutionary Guard Corps said on a Telegram channel.
“We are warning all American allies, who gave their bases to its terrorist army, that any territory that is the starting point of aggressive acts against Iran will be targeted.
“This time we will respond to you in America.”
Key infrastructure could be target of cyber attack
In this day and age Iran doesn’t need boots on the ground to seek vengeance.
Disturbingly, the Sands incident in 2014 wasn’t isolated, and Iranian hackers have continued to infiltrate presidential campaigns, universities, journalists and infrastructure.
Regards the latter, Bloomberg reported that a dam in suburban New York was a target.
Former chief technological officer of the FBI’s cyber division, Milan Patel said, “Power generation like hydro and electric, that’s where they can cause the most real world damage.”
Forbes journalist Zak Doffman believes “Iran is a credible cyber player but its decision now is whether to unleash its most potent cyber weapons on tier-one U.S. targets—critical infrastructure, government sites, military targets—risking a catastrophic response from the much more capable U.S. cyber arsenal.
“Just as in the physical domain, there will be significant debate in Teheran as to just how far to push as this point. Despite the rhetoric and the unfurling of a highly symbolic red flag of vengeance over the Jamkaran Mosque, the strategists will be taking a more cautious approach.”
This would be to avoid a more devastating response, but the threat is as real as it can be.
Iran isn’t a lone wolf.
It is also worth noting that cyberattacks have come from other sources that could be more strategically damaging.
Bloomberg quoted FBI Director Christopher Wray as saying that China had allegedly stolen so much intellectual property from US companies, including by hacking, that it was akin to stealing their way up the economic ladder.
Mid last year, USA Today reported that Russian cyberattacks were an enormous threat to the US and Reuters reported that North Korea has generated an estimated $2 billion for its weapons of mass destruction programs using “widespread and increasingly sophisticated” cyberattacks to steal from banks and cryptocurrency exchanges.
With digital warfare now looming as one of the best options to strike directly at the American population, cybersecurity will be an increasingly critical focus in 2020 and beyond.
Innovative Cyber Risk Focused companies like WhiteHawk are positioned to provide next generation cyber risk monitoring and mitigation services to companies and organisations of all sizes.
WhiteHawk Limited (ASX:WHK) recently developed an advanced outside-in Cyber Risk Program, partnering with best of breed SaaS platform partners, that can be initiated within 48 hours anywhere in the world, including continuous cyber risk monitoring, prioritization, red team validation, dark net assessment and mitigation solution options, starting at $10K US a year.
It was only in November last year that the company announced the extension and expansion of a contract to provide its Cyber Risk Radar to a top 12 US defence industrial base company for supply chain risk management.
This company’s relationship with WhiteHawk extends back to 2018, and it was further strengthened in mid-2019, having negotiated a contract involving the implementation of a comprehensive 360 cyber risk framework, including an online Software as a Service (SaaS) subscription, augmented by consulting services.
Under the terms of the agreement, WhiteHawk provided quarterly Cyber Risk Scorecards for 30 additional suppliers and Risk Portfolio Reports for the top 5 suppliers.
These reports provided additional insights based on WhiteHawk Cyber Analysts performing cyber intelligence analytics on the raw data collected from the security rating providers.
Commenting on the significance of this development and the increasing relevance of cyber security, Terry Roberts, executive chair of WhiteHawk said, “Automating Cyber Risk Discovery, alerting, prioritisation and mitigation across major federal contractors should be everyone’s priority today, thereby building in resilience across the defence industry in real-time.
‘’With each implementation we are gaining important ground, demonstrating our unique and scalable approach to future government and industry customers.”
WhiteHawk provides automation across thousands of defence contractors
Step forward to 2020, and Roberts is now highlighting WhiteHawk’s ability to showcase how new Department of Defence supply chain cyber risk objectives, guidelines and certifications can be automated across thousands of defence contractors and suppliers.
The aforementioned contract negotiated with a top 12 defence industrial base company which occurred in November underlines the group’s progress in the cyber security arena.
Under the terms of the contract, WhiteHawk will provide quarterly data allowing the customer to establish a Cyber Risk Rating baseline for key supplier companies in support of federal contracts by means of continuous monitoring, alerts, prioritisation and actionable mitigation recommendations.
This approach will provide the customer with actionable intelligence, clear visibility and transparency into the cyber health and status of its suppliers in advance of tightening government benchmarks and requirements.
With WhiteHawk’s expanded cybersecurity offering, the client will also receive quarterly WhiteHawk Cyber Risk Scorecards for 150 critical suppliers and Risk Portfolio Reports across the entire population of suppliers.
These non-technical reports will provide focused and actionable risk insights based upon automated WhiteHawk Cyber Analytics and Cyber Analyst prioritisation of cyber intelligence risk indicators, across raw data collected from the WhiteHawk team of security rating providers.
These company developed quarterly reports summarise key findings and make prioritised recommendations for each supplier to act upon in order to measurably advance their cyber maturity.
In discussing this contract, Roberts highlighted that it has resulted from the strong progress the company has made in the last 12 months in expanding its integration and prioritisation of commercial cyber risk monitoring and mitigation across 150 US Department of Defence cyber organisations and professionals.