A cyber warfare specialist says the Islamic Republic has continued cyber attacks on US banks and other financial institutions right on up to the present.
JD Work, research director at the Cyber Conflict Documentation Project, told an Atlantic Council audience that Iran has continued DDoS (distributed denial of service) attacks and probes, even during the recent nuclear negotiations, against the US financial sector.
DDoS attacks are relatively unsophisticated attacks that overload a website and effectively block access to it.
“Whether this was an attack or simply a test of infrastructure, there’s debate on this point,” Work said, without revealing the specific targets. He said there have been similar Iranian intrusions against the oil sector as well.
According to Work, “The difference between an intrusion to acquire intelligence and an intrusion which will result in a destructive termination scenario is merely a matter of flipping a bit and a piece of malware.”
According to Andretta Towner, an analyst with CrowdStrike, a cyber security firm, Iran has increased its budget for cyber security by more than 1,200 percent in the past three years. She cited a recent British report that said that funding for cyber security was about $13 million when President Rohani took office and $170 million now.
Towner said Iran was once judged to be a third-tier cyber warfare power, but has now moved into the first tier.
“It’s definitely not a third tier cyber power anymore,” Towner said last Wednesday. “It’s definitely progressing.”
Until recently, cyber specialists put Iran on a third rung below top actors such as the United States and Russia and second-tier China. But Iran has now mastered more techniques of cyber intrusion and could be classified in the “final four,” to use a March Madness college basketball metaphor, Towner said.
For Iran, she said, cyber was mainly an area of domestic concern until 2010. Iranian government-supported hackers and security agents from organizations such as the Pasdaran’s Cyber Defense Command focused on countering political dissidents in the wake of protests following the 2009 presidential elections.
But after the 2010 Stuxnet worm attack on the Natanz enrichment plant, Iran responded with DDoS attacks on US financial institutions in 2012. Websites crashed in the face of high traffic, and it cost the banks millions to fend off the barrage.