Given the current state of affairs in America, most citizens are probably glued to their device’s screens even more than they normally would be, come the beginning of a new decade. The beginning of this decade however brings with it the threat of political retaliation.
The recent events between the United States and the Islamic Republic of Iran that have increased the likelihood of cyber-attacks from Iran, a country historically known to use “cyber offensive activities as retaliation,” causing The Cybersecurity and Infrastructure Security Agency (CISA) and to issue an alert. The US Department of Homeland Security has also issued a terror alert on possible cyber-attacks in a “rare NTAS (National Terrorism Advisory System) alert.”
As cybersecurity professionals, it is our job to detail how important it is to stay safe online, especially when there is a national threat of cyberwar.
What would an attack from Iran look like on a cyber level?
The NTAS alert states, “Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.” Chad F. Wolf, acting US Secretary of Homeland Security adds, “an attack in the homeland may come with little or no warning.”
Critical Infrastructure and Government systems seem to be of the biggest concern, as malware and destructive data-wiping capabilities have been used by Iran against other targets in the Middle East.
Paul Martini, co-founder of the network security platform iBoss, said “a worst-case scenario could instantaneously shut down an entire power grid. It’s not just the lights, it’s also the internet which shuts down communication systems. Without shooting a single bullet or missile, you can shut down an entire county or nation.”
Martini added that even if Iran’s hacking capabilities aren’t sophisticated enough, bribes could be used to lure advanced hackers to perform the attacks for them.
So, what recommended actions should you take? The CISA recommends:
1. “Adopt a state of heightened awareness” – Be on high alert for any new information, and have procedures in place for emergencies.
2. “Increase organizational vigilance” – Monitor internal security capabilities, flag any known compromises or attacks.
3. “Confirm reporting processes” – Confirm personnel are aware of proper incident reporting processes, have a designated procedure.
4. “Exercise organizational incident response plans” – Identify key steps to take during an incident, ensure access is granted and systems are working to log information as needed.
Although banks and government systems have back up plans in place, the general public should not rely on internet connected devices. Write down information that would otherwise be stored in phones or computers as a fail-safe. Martini advises, “store important information so if you were to lose digital access, you would still be able to function in day-to-day life.”
If you need assistance with cybersecurity services contact DarkHound at [email protected].