The Cybersecurity and Infrastructure Security Agency (CISA) released an alert about the potential for Iran to attack the United States cyber infrastructure considering the current tension. Iran has a history of using cyber terrorism in response to perceived harm; Late 2011-Mid-2013 they targeted the U.S. Financial sector, these attacks prevented customers from accessing their accounts and cost the banks millions of dollars in remediation. In August and September 2013, they gained access to a d. am in New York State obtaining information regarding the operation and status of dam. In February 2014 they hacked into the Sands Casino in Las Vegas stealing customer data and credit card information along with wiping their computer systems. From 2013 through 2017 they conducted a massive cyber theft campaign that targeted academic and intellectual property. Because of these recent incidents, CISA is worried about the potential for more cyber terrorism in the United States by the Islamic Republic of Iran.
CISA recommends that organizations:
- Adopt a state of Heightened awareness.
- Increase organizational vigilance.
- Confirm reporting processes.
- Exercise organizational incident response plans.
CISA also recommends that the following measures are put into action by an organization’s IT team:
- Disable all unnecessary ports and protocols.
- Enhance monitoring of network and email traffic
- Patch externally facing equipment.
- Log and limit usage of PowerShell.
- Ensure backups are up to date.
If you are interested in seeing the complete alert or question your company’s ability to take action and mitigate this risk, please reach out to HubWise Technology. Jmoen@hubwisetech.com or at (402)339-7441