The threat of Iranian cyberattacks on banks and other critical infrastructure in the U.S. has increased amid escalating bilateral tensions, government agencies and cybersecurity firms say.
For bankers, this may stir memories of the fall of 2012, when Iranian hacker groups ran a series of successful distributed denial of service attacks against U.S. banks. (In a DDoS attack, hackers flood a web server with fake or malicious traffic in an attempt to slow down or completely shut down that server.) Banks responded by investing in content delivery networks from vendors like Akamai and Cloudflare, eventually getting the problem under control.
This time, security experts say, Iranian hackers are infiltrating banks, government agencies and energy companies and lurking, gaining intelligence about U.S. infrastructure for future attacks.
The government is "aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies," Christopher Krebs, director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, said in a statement last week.
These attackers are “increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money,” Krebs said. “These efforts are often enabled through common tactics like spearphishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”
Analysts at Opora, a cybersecurity adversary threat management company based in Israel, have seen an increase over the last two months in malware attacks created by Iranian actors targeting U.S. banks. Bloomberg News
Krebs advised shoring up basic defenses by using multifactor authentication, among a host o ..
Support the originator by clicking the read the rest link below.
