Tuesday, February 10, 2015

NSA leaks suggest Iran learned cyberwarfare from US attacks


The US government and various security researchers have connected Iran to a number of egregious cyberattacks in the past, including one launched against the Navy. And based on a 2013 NSA document leaked by Edward Snowden that The Intercept has just published, they've also long suspected that Iranian officials learned cyberwarfare from the West's previous attacks against the country's computers. The NSA is also apparently worried that the country's cyberweapons are becoming more and more potent, as it continues to improve on, and not just replicate, its enemies' tactics. As you might have guessed, Iran's crusade to give its enemies a taste of their own medicine began with the attacks against its nuclear facility.


While the paper never mentioned Stuxnet by name, it's widely believed that the US was responsible for creating and using the worm to infect the centrifuges to be installed in Iran's nuclear plant -- Israel followed suit using another virus called Flame. At the same time, Iran suffered a separate attack against its oil industry, which targeted and destroyed its computers. Using the intel it gathered from all those instances, Iran is believed to have created a powerful piece of malware called Shamoon that the country used to infect 30,000 Saudi Aramco computers in 2012. If US cybersecurity firm Cylance is right, then the virus was also used to digitally infiltrate over 50 aerospace, airline and petrol corporations, hospitals and even universities around the globe. In fact, the FBI warns that Iran might not be done yet, and there's a possibility that it will launch similar attacks against more companies in the future.


Just like the virus that destroyed Iran's oil company's hard drives, Shamoon erases data on all its victims' computers, rendering their HDDs/SSDs useless. During the Saudi Aramco incident, in particular, it replaced all the info with an image of a burning American flag. Sound familiar? That's because Shamoon and the previous virus that inspired it are believed to have been, in turn, the inspiration for the malware that took down Sony Pictures' computers. Yes, the one that led to a string of private email and movie leaks that the FBI says was orchestrated by North Korea.


The NSA noted in the documents that it saw no indications that Iran was planning to launch a similar attack against the US when the paper was published in 2013. It did say, though, that the country had been conducting regular DDoS attacks against American financial institutions since 2012, and that it was in the third phase of a series of attacks upon publication.




Via: Wired


Source: The Intercept (1), (2)

