Two words that sum up this attack by Iranian hackers on US cyberspace, what with rising tensions between the United States and Iran.
A couple of days ago, the website for the Federal Depository Library Program (FDLP) was defaced by hackers based in Iran, shortly after the killing of Qassem Soleimani in Baghdad, Iraq. The defacement contained statements echoing the threats of vengeance Tehran has expressed, as well as an image of US President Donald Trump being punched in the face, and Ayatollah Khamenei. There has been no evidence, however, that this act was carried out by hackers linked to the regime in Iran.
Granted, this is a low-level .gov domain, but it raises a more alarming matter. Hackers can breach US-based domains, even those of the government, and we don’t know what sensitive systems are connected to the FDLP through which the hackers may have gained access, such as a shared data center. This was a mere demonstration (that we know about!) of their capability to do so.
Ironically, a day before the attack, Christopher Krebs, the director of the US Department of Homeland Security’s cybersecurity agency, had warned organizations within the United States government to recheck their system security, given the very recent events involving Soleimani.
The FDLP website was taken down for maintenance shortly after, but when you search for the domain, the results display more evidence of the hacking.
This raises concern because, whether or not the regime in Tehran backed this, it proves one of the following (or, even worse, both):
a) US government domains and websites are not protected enough, and/or
b) The hackers have more than enough skill to access US government websites and may be able to access more sensitive targets.
Should the relationship between the two countries continue to deteriorate, this could pose a greater threat to the United States and other affected countries.
The Iranian hackers have put the US in a bind. They have proven that the cybersecurity of the United States may not be as strong as it was thought to be, that targeted attacks on certain industries may cripple the superpower, and that the hackers can and will take matters into their own hands should the situation continue to escalate.
This may not be the case, however, since we’re talking about the United States. They have contingencies for their contingencies, and some of the more critical industries are more secure than the FDLP. However, this does not guarantee the security of other mid- and low-level domains under the US government, and the right deployment of malware on some of these can spell disaster.
A downside of this attack for future hackers is that it alerted the DHS, and we all know the DHS does not mess around. This has heightened their levels of security, and they are likely going to tighten their cybersecurity for these lower-level domains.
What’s troubling is that there is no way to tell whether these Iranian hackers are targeting only the United States or will target other countries as well, countries that host our clients’ domains and services. That’s where iZOOlogic comes in.
It is imperative for us, iZOOlogic, to match these threats blow for blow and get the upper hand by learning how to stay ahead of the game, so we can protect our clients better. The current situation between Iran and the US is likely to spill over and affect other countries, even after the seeming de-escalation speech given by US President Donald Trump. We are deploying and developing new methods to counter these potential threats all the time.
Hence, while these attacks are aptly timed, they are also ill-timed, as the time to take cybersecurity up a notch is now. We anticipate that leaked data will soon start to circulate on the Dark Web and criminal forums, as secondary shock waves from the initial attacks.