A decade ago, Iran began mobilizing its own resources. This home-grown hacking culture is one of the report’s most interesting findings, because it can probably be duplicated in dozens of other emerging economies. “Iran’s cyber capabilities appear to be indigenously developed, arising from local universities and hacking communities,” the report notes. “Threat actors seemingly arise from nowhere and operate in a dedicated manner until campaigns dissipate, often due to their discovery by researchers.”
The Iranian hackers began slowly in 2007, with cyber-pinpricks. A group calling itself the Iranian Cyber Army defaced dissident Twitter accounts in 2009 and, soon after, websites belonging to the Voice of America. But the attacks became more serious in 2011, after an Iranian hacker penetrated a Dutch security firm called DigiNotar, opening Gmail users in Iran to government surveillance, according to the Carnegie study.
Iranians launched an August 2012 attack on the Saudi Aramco oil company, using a wiper virus known as “Shamoon.” According to the Carnegie researchers, the attack affected tens of thousands of Saudi Aramco computers and caused tens or even hundreds of millions of dollars in damage.
Iran successfully attacked the U.S. as well. In September 2012, a hacker group that called itself the Izz ad-Din al-Qassam Cyber Fighters began attacking U.S. banks and financial institutions with a primitive but destructive assault known as a “distributed denial of service,” or DDoS, which basically flooded targeted computers with so much traffic that their systems crashed. Here, too, the assaults did surprising damage.
The FBI concluded that from 2012 to 2013, the Iranian operation “locked hundreds of thousands of banking customers out of accounts for long periods of time and resulted in tens of millions of costs to remediate,” the Carnegie analysts explain. Many financial institutions that had been hit by the Iranians said little about the attacks, to avoid worrying customers or shareholders.
Source » chippewa