Iran purported to Cyberattacks according to reports

As reported in Eurasiareview – A US-based cybersecurity intelligence group says Iranian state institutions have perpetrated a growing number of international cyber-attacks for profit in recent months.

In a VOA Persian interview, Accenture Security growth and strategy leader Tom Parker said “We certainly have seen an evolution in the motive of why some attacks are initiated, referring to the findings in Accenture Security’s 2018 Cyber Threatscape Report that examines international trends in cyber threats. “Nation states, Iran included, have realized that cyber-attacks are not just about stealing intellectual property or sending a political message or causing an outage on a critical system. They also can take a page out of the organized criminals’ book and make some significant money out of cyber-attacks to fund their own non-cyber programs.

The Arlington, Virginia-based company published a report Tuesday saying research conducted since the start of this year indicates that Iranian state hackers used several ransomware tools to carry out those for-profit cyber attacks. Parker said, “How most cyber attacks attributed by his research team to Iran’s Islamic Revolutionary Guard Corps (IRGC) and similar state bodies were financially motivated”.

Five ransomware variants as having been developed or repurposed in Iran: RASTAKHIZ, TYRANT, WannaSmile, Black Ruby and Android ransomware as identified by Accenture Security’s iDefense threat intelligence team. It said Iran-based cybercriminals have shared data with the IRGC for future research and development, and they are the same people who created or modified those variants.

Iran Denied the Charges of Growing Force.

The Accenture Security report described the “Iranian [cyber] threat” as a “growing force”, but Iranian officials have denied the accusations of involvement in hacking attacks against the US and Arab nations. The “Growing Force is more likely to target nations such as Saudi Arabia, the UAE, Bahrain, and Israel. But it also said Iran is unlikely to carry out any disruptive or destructive cyber attacks against the US. or its European allies in the near future.

Parker said another reason for the US, not being a likely Iranian cyber target in the near term is that any meaningful damage to the US, infrastructure would require increased cyber capabilities. But he said Iran is moving gradually toward developing such abilities. While we have not seen a huge attack against, let’s say, the power grid in the U.S., many nation-states such as Iran to continue to demonstrate a desire to learn more about our critical infrastructures. There is definitely a sense that nation-states, including Iran are playing the long game and are preparing the battlefield so that certain capabilities might be at their disposal in the future” he concluded.