MSSPs must prepare U.S. clients for a new onslaught of attacks from Iran.
The world breathed a collective sigh of relief when the U.S. and Iran stepped back from the brink of war this week. But the threat didn’t subside; it merely changed the focus from expensive war machines to digital mayhem. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) raised the alarm on upcoming cyberthreats from Iran, aimed at wreaking real-world harm in the U.S. Now, American businesses are bracing for impact.
“With the escalation of tensions in the Middle East, many are asking how far-reaching the impacts could be for the U.S. private sector. While the impacts to the petroleum industry, defense contractors and service members supporting U.S. FOBs, and travel providers are very direct, we cannot forget about the real potential for state-sponsored cyberattacks on both international and domestic U.S. interests,” warned Warren Poschman, senior solutions architect at comforte AG.
Iran has a history of targeting non-military U.S. interests. CISA lists the following as among the list of previous attacks:
“We know APTs 33 and 34 are associated with Iranian state sponsored hackers. Every company in the SCADA and ICS space should already be proactive in safeguarding against these (and other) APTs; if we’re doing our jobs right, then admins aren’t in a state of emergency right now over the potential of Iranian implants lying dormant on our networks,” said Rosa Smothers, senior VP of cyber operation at KnowBe4 and a highly decorated former CIA Technical Intelligence Officer.
Even with such a diversified history of attacks, it’s relatively clear which organizations are most likely to be targeted now in the midst of current U.S.-Iran tensions.
“Some organizations face a greater threat than others. Financial services, energy, oil and gas, health care, infrastructure, and any business that contracts with the federal government is a more likely target,” said Paul Bischoff, privacy advocate with Comparitech.
Specific types of attacks are expected as well.
“Businesses will have to prepare for several types of threats such as malware, network disruptions (DDoS attacks), data theft and phishing. Because Iran is a nation-state actor, it has a broad range of tactics at its disposal as well as the resources to conduct large-scale cyberattacks,” said Bischoff.
MSSPs should also expect attacks from Iran to continue for the foreseeable future and beyond.
“Given that Iran already has a history of launching cyberattacks, it seems almost inevitable in today’s climate that we’ll see new threats. Cyberattacks are an extremely cost-effective form of asymmetrical warfare, with even small attacks getting lots of publicity and causing general anxiety and fear,” said Ray DeMeo, co-founder and COO at Virsec.
Businesses need to be extra diligent in their security practices to thwart such a continued onslaught of varied attacks. Here are suggestions from experts on …
SolarWinds-Cisco Meraki Integration Improves Device Monitoring
Microsoft Widens Hybrid Cloud Path with New Azure Arc, Azure Stack Hub Releases
Remote Learning: Help Your K-12 and Higher-Ed Clients Get Back to School Safely
News You Missed: MSPs Hold Their Own During COVID-19, Atera Expands Software Patching
Dynatrace Partner Program Highlights Digital Transformation Expertise
Auth0 Debuts Marketplace, Opens Door Wider to Identity Management Partners
Workshop: Voices of the Channel
VMware & SD-WAN: Taking a SASE Approach
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.