Last week, the New York Times reported that Iran’s cyber attacks against the US, specifically banks, businesses and government agencies, have increased in volume, sophistication, and intensity.
One of the major reasons cited was the US’ withdrawal from the Joint Comprehensive Plan of Action (JCPOA), more commonly known as the Iran nuclear deal, which led to renewed sanctions against Iran. Since the withdrawal, Donald Trump has been using diplomatic pressure to force other nations to abide by the sanctions, which has left the Iranian Regime with substantially less money than before.
In fact, Iran’s oil exports gradually decreased in 2018, until they hit a low of 1.1 million barrels per day in December. That’s roughly 60% of what Iran was selling a year earlier. In response, Iranian President Hassan Rouhani threatened to escalate Iran’s actions against the US.
And it’s not just the New York Times. Cyber security firm FireEye has warned the US about Iran’s cyber-attacks on multiple occasions over the past year, using several methods to determine the origin of the cyber-attacks, and advising that the evidence repeatedly pointed toward Iran.
Their report read: “Preliminary technical evidence allows us to assess with moderate confidence that this activity is conducted by persons based in Iran and that the activity aligns with Iranian government interests. FireEye Intelligence identified access from Iranian IPs to machines used to intercept, record and forward network traffic.
While geolocation of an IP address is a weak indicator, these IP addresses were previously observed during the response to an intrusion attributed to Iranian cyber espionage actors.”
Iranian hackers target many sectors in the US from government agencies to businesses to private and public institutions. During the past year, they’ve used cyber attacks to bring the city of Atlanta to its knees by targeting its hospitals, schools, state agencies and other institutions. While financial institutions like Bank of America, JPMorgan Chase, Wells Fargo and Citigroup have also been impacted.
The level of sophistication and the type of targets points to the Iranian Regime rather than individual hackers, who would prefer to hold companies to ransom.
Political scientist Dr Majid Rafizadeh wrote: “The resurgence of Iran’s cyber attacks is alarming. These attacks against foreign governments, businesses, hospitals and schools are more intense than was previously thought. The international community must take the issue seriously and hold the Iranian regime accountable.”