MSSPs must prepare U.S. clients for a new onslaught of attacks from Iran.
The world breathed a collective sigh of relief when the U.S. and Iran stepped back from the brink of war this week. But the threat didn’t subside; it merely changed the focus from expensive war machines to digital mayhem. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) raised the alarm on upcoming cyberthreats from Iran, aimed at wreaking real-world harm in the U.S. Now, American businesses are bracing for impact.
“With the escalation of tensions in the Middle East, many are asking how far-reaching the impacts could be for the U.S. private sector. While the impacts to the petroleum industry, defense contractors and service members supporting U.S. FOBs, and travel providers are very direct, we cannot forget about the real potential for state-sponsored cyberattacks on both international and domestic U.S. interests,” warned Warren Poschman, senior solutions architect at comforte AG.
Iran has a history of targeting non-military U.S. interests. CISA lists the following as among the list of previous attacks:
“We know APTs 33 and 34 are associated with Iranian state sponsored hackers. Every company in the SCADA and ICS space should already be proactive in safeguarding against these (and other) APTs; if we’re doing our jobs right, then admins aren’t in a state of emergency right now over the potential of Iranian implants lying dormant on our networks,” said Rosa Smothers, senior VP of cyber operation at KnowBe4 and a highly decorated former CIA Technical Intelligence Officer.
Even with such a diversified history of attacks, it’s relatively clear which organizations are most likely to be targeted now in the midst of current U.S.-Iran tensions.
“Some organizations face a greater threat than others. Financial services, energy, oil and gas, health care, infrastructure, and any business that contracts with the federal government is a more likely target,” said Paul Bischoff, privacy advocate with Comparitech.
Specific types of attacks are expected as well.
“Businesses will have to prepare for several types of threats such as malware, network disruptions (DDoS attacks), data theft and phishing. Because Iran is a nation-state actor, it has a broad range of tactics at its disposal as well as the resources to conduct large-scale cyberattacks,” said Bischoff.
MSSPs should also expect attacks from Iran to continue for the foreseeable future and beyond.
“Given that Iran already has a history of launching cyberattacks, it seems almost inevitable in today’s climate that we’ll see new threats. Cyberattacks are an extremely cost-effective form of asymmetrical warfare, with even small attacks getting lots of publicity and causing general anxiety and fear,” said Ray DeMeo, co-founder and COO at Virsec.
Businesses need to be extra diligent in their security practices to thwart such a continued onslaught of varied attacks. Here are suggestions from experts on …
Product Brief: Kaseya VSA Integrated Workflows with BMS and IT Glue
Untangle Research: Breach Headlines to Prompt Increased Cybersecurity Spending
SaaS Alerts Recruits Big Name from Kaseya as CEO
Microsoft, SAP Plan Teams Integration, Expand Cloud Migration Pact
As Threats Soar, Biden Administration, CompTIA Prioritize Cybersecurity
HPE Appoints LongTime HPE/HP Vet as Worldwide Distribution Head
Acquisition-Hungry Sapphire Systems Powers Ahead with US Expansion
Industry Experts Laud Biden Proposal for Increased Federal Cybersecurity Spending
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.