U.S. Businesses Brace for Impact from Iranian CyberAttacks

Channel Futures, Journal of Cyber Policy, Clearance Jobs, January 10, 2020, with comments by Ray DeMeo;

Experts believe cyberattacks from Iran are highly likely now that tensions between the US and Iran are so high. While every business must up its game in heightening security, some industries face a bigger risk than others, such as energy, oil and gas, healthcare, infrastructure, financial, and government-related businesses.

We know companies have good reason to fear because of Iran’s prior attack history in this country:

  • New York’s Bowman Dam: attack accessed the SCADA system of the dam to gain status and operations information
  • Sands Las Vegas Corp breach: customer data stolen, including Social Security numbers, credit card data, drivers’ license numbers
  • US financial industry: DDoS attacks targeted US banks, blocking customers from their accounts; banks had to pay millions in remediation
  • Miscellaneous cyber theft: attacks targeted multiple organizations, such as 144 US universities, 176 foreign universities, 47 private companies, the US Dept of Labor, the Federal Energy Regulatory Commission, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund

The stakes are high after the US and Iran exchanged military strikes. But knowing Iran is no match for direct military combat, most expect future attacks from Iran to be in cyber form rather than military.

“Given that Iran already has a history of launching cyberattacks it seems almost inevitable in today’s climate that we’ll see new threats,” said Ray DeMeo, co-founder and COO of cybersecurity firm Virsec.

“Cyberattacks are an extremely cost-effective form of asymmetrical warfare, with even small attacks getting lots of publicity and causing general anxiety and fear,” DeMeo told ClearanceJobs.

No one can prevent a nation state or any hacker from launching cyber attacks. The only option is to be prepared.

“The only solution for businesses is to be extremely vigilant, upgrade aging security systems, and understand new hacking techniques that target applications during runtime and leave few clues behind,” suggested DeMeo. “Just like we accept higher levels of security and vigilance around air travel, heightened cyber security will be a fact of life, and businesses that are complacent will quickly get in the crosshairs.”

How Can Businesses Prepare for Cyberattacks from Iran?

Defensive tactics include keeping software and firmware up to date, using firewalls and antivirus, encrypting data, access control with least privilege, implementing strong and unique passwords, intrusion detection, and educating the full staff on the ways of detecting phishing messages as well as a policy for dealing with these threats.

The best way for organizations to protect data is with a data-centric security approach that ensures data is kept secure and private, especially since traditional security measures such as strong authentication, firewalls and data-at-rest encryption alone are unlikely to deter access or theft going forward.

Additional steps include:

  • Identifying critical data and where it is housed
  • Knowing what assets – physical and virtual – are on your network
  • Hardening your network devices, making sure they are securely configured
  • Reviewing endpoint data sources to make sure you have full coverage of all endpoints on your network
  • Ensure that your vulnerability scanner is scanning all subnets.

Virsec’s Unique and Effective Application, Runtime and Memory Protection

Virsec takes a unique approach to guard-railing your applications and countering a broad spectrum of cyber attacks, including ransomware attacks.

Only Virsec Security Platform Delivers:

  • Protection of application workflows, processes, file systems, libraries, memory and more at runtime
  • Precise attack remediation and automation early in the attack cycle without need for expert analysis or machine learning
  • Deterministic threat detection based on request deviations initiated by malicious code, remote hackers, files and trusted processes no matter how attacks originate

Data breaches and ransomware attacks are the among the biggest threats against organizations today. Our demo shows a multi-step ransomware attack in action using advanced hacking tools. See how Virsec security platform can instantly spot this attack at every stage and stop it. If you are interested in partnering with Virsec, we invite you to consider doing so – before you may face the unfortunate situation of a ransom demand or if you are in the process of recovering.

Further resources:

See Virsec in Action - Demo Center, Live Demos, Test Drive

Prepare for Cyber Attacks from Iran, Especially 'Wiper' Attacks

Iran’s APT33 Hackers Are Targeting Industrial Control Systems

US & UK Report Russian Hackers Impersonate Iranian Spies to Attack Over 35 Countries