The latest round of U.S. sanctions on the Iranian Regime have just taken effect today. These sanctions target Iran’s banking and energy sectors and the Trump administration’s aim is to get all foreign countries to reduce their imports of Iranian oil to zero.

When Trump announced earlier this year that the United States is exiting the JCPOA, or the 2015 nuclear deal as it is known, the impact was immediate. Foreign companies ended their business dealings with Iran and ongoing negotiations ended.

Not many companies were willing to get caught in the crosshairs of U.S. sanctions.

Experts and analysts are warning that the Iranian Regime may initiate cyber-attacks on oil companies in the Gulf and the West in retaliation for the latest sanctions on its oil exports.

Six years ago, energy firms in Qatar and Saudi Arabia were targeted by cyber-attacks linked to Iran. The threat now appears to be renewed with further Gulf businesses being targeted.

FireEye, an American cybersecurity company, said in September that an Iranian hacking group known as APT33 has been carrying out a “spear-phishing” campaign over email. FireEye revealed that it has been monitoring APT33 for some time and that manufacturing, insurance, and oil and gas companies are the most under threat. The countries concerned by this are based in the United States, Japan and the Middle East.

Spear phishing consists of attempting to steal private and confidential information through emails sent to individuals in an organisation. The emails are formulated so that they look like they are being sent from a trusted and legitimate source.

FireEye also warns that the Iranian Regime’s hackers may be getting ready to carry out disruptive attacks.

The United States suspected that it may be the target of cyber-attacks from Iran and it has been preparing itself accordingly. U.S. allies in the Gulf are however more vulnerable because their defences are weaker.

During the month of July, spear-phishing attacks increased just ahead of the first batch of U.S. sanctions on Iran taking effect.

FireEye believes Iran is behind the increase of attacks because of several indicators such as links to an institute that is central to Iran’s cyber operations. Furthermore, a number of Iranian hosting companies had been used.

Iran’s regional enemy, Saudi Arabia, is one of the Iranian regime’s main targets. However, Saudi Arabia is not helping its own situation because its cyber-security processes are not very developed in comparison to international standards. Its current cyber-preparedness level is low.

Thankfully the Trump administration has been more proactive with regards to potential retaliation over the most recent sanctions. Trump is keen to put Iran under as much strain as possible but he is not naïve enough to believe that there will be no blowback. The Iranian regime is trying to appear strong but it is being pushed into a corner.

The regime is not in a position to do anything too bold, but history shows us that it will do what it can to project strength. A cyber-attack is one route it could take.

Source » ncr-iran