Unimpressed by their “historic” nuclear deal with the United States, and its billions of dollars in sanctions relief, Iran’s hackers have escalated their attacks on U.S. government officials over the past four months.
“The surge has led American officials to a stark conclusion: For Iran, cyberespionage — with the power it gives the Iranians to jab at the United States and its neighbors without provoking a military response — is becoming a tool to seek the kind of influence that some hard-liners in Iran may have hoped its nuclear program would eventually provide,” the New York Times reports.
That is a rather tortured way to put it, but the NYT is deeply invested in the long-running Iranian theatrical performance of “Hardliners vs. Moderates,” which depicts everything bad that happens in Tehran as the work of sinister “conservatives,” out to sabotage that nice reform-minded President Hassan Rouhani. In reality, President Obama has given Iran a level of influence beyond the dreams of any hard-liner—a windfall of money and international prestige that would have seemed unimaginable just a few years ago.
Iran sees no reason to give up anything in return for these concessions from President Obama. On the contrary, they have every incentive to engage in shenanigans like hacking the email and social media accounts of State Department officials, which is what they have been up to recently.
As usual, the Obama administration was clueless—they only found out because Facebook told the State Department its accounts had been compromised. (Interestingly, Facebook is now warning users when it suspects their accounts have been hit by state-sponsored hackers.) That is despite explicit warnings from the intelligence community that Iran was ramping up online espionage activities, eschewing destructive brute-force malware attacks and data raids for more subtle forms of spying.
“It was very carefully designed and showed the degree to which they understood which of our staff was working on Iran issues now that the nuclear deal is done,” said a senior U.S. official quoted by the New York Times.
Not that Iran lacks the capability for destructive cyber-attacks. The Times mentions an Iran strike against American banks, a Saudi oil company, a Qatari natural-gas company, and the Sands Casino in Las Vegas—the latter apparently inspired by Sands stakeholder and Republican money man Sheldon Adelson suggesting that Iran might be more eager to give up its nuclear weapons if we detonated one of ours in their deserts.
Also, some of the subtle spying Iran is conducting looks an awful lot like reconnaissance for destructive attacks on U.S. infrastructure targets, according to security analysts quoted by the NYT.
U.S. experts provide assurances that Iran lacks the cyber-war capabilities of Russia or China… but they seem fond of exactly the same technique as those elder statesmen of virtual espionage, the notorious “spear-phishing” attack, in which emails are tarted up with information personalized to the target and loaded with malware.
The Iranians were apparently able to trick American officials into clicking malware links they thought were coming from “members of the news media” about 25 percent of the time. Engadget says they were “hoping to use the social networking accounts of younger government staff to compromise other, more prominent staffers.”
CNN adds that Iranian hackers have developed a “sophisticated network of fake LinkedIn profiles to spy on unsuspecting targets worldwide, including the U.S.” Iran took the trouble to create a mass of fake contacts to make their phony LinkedIn profiles look legit. The information gathered from these connections was then used for spear-phishing attacks.
The Times cites State Department officials saying these hacker attacks won’t affect the Iran nuclear deal. That is exactly why Iran carries them out. Every bad actor in the world is going to get into the state-sponsored cyber-espionage game as quickly as they can, because there are huge potential gains and negligible consequences.
COMMENTS
Please let us know if you're having issues with commenting.