Iranian hackers are targeting US critical infrastructure elements, including energy, gas and oil corporations, with the clear intent of damaging the American IT framework, senior American officials report.
“This is representative of stepped-up cyber activity by the Iranian regime. The more they do this, the more our concerns grow,” an anonymous US official told The Wall Street Journal. “What they have done so far has certainly been noticed, and they should be cautious.”
Hackers focus on identifying vulnerabilities in the industrial control-system software to spy and manipulate the American IT infrastructure or damage it altogether, the officials said.
These recent state-sanctioned sabotage acts attributed to Iran are considered more dangerous than those conducted by Chinese hackers a few months back. While China’s focus is on espionage and intellectual property theft, officials say Iran seeks to disrupt critical infrastructure targets by controlling the oil, gas or electricity flow, turning systems on and off or controlling key functions.
This is not Iran’s first aggression against the US infrastructure. Last year, the US blamed Tehran for a series of online attacks against energy top-tier giants including Saudi Aramco, RasGas and Qatari energy plants and some unsophisticated DDoS attacks against financial institutions such as US Bancorp, Bank of America, Citigroup, and Wells Fargo.
The US played its own part in this cyber war when it used the Stuxnet worm against an Iranian nuclear plant a couple of years ago.
“Although Iran has been repeatedly the target of state-sponsored cyber-attacks, attempting to target Iran’s civilian nuclear facilities, power grids, oil terminals and other industrial sectors, Iran has not ever retaliated against those illegal cyber-attacks,” Iranian spokesperson Alireza Miryousefi said, dismissing the US accusations as baseless. “In the lack of international legal instruments to address cyberwarfare, Iran has been at the forefront of calling for creating such instruments. We categorically reject these baseless allegations used only to divert attentions.”
Source : hotforsecurity