The cyber war between Iran and the USA, 10 years of history

What is cyber warfare? Understand ...
What is cyber warfare? Understand how cyber attacks work

With the elimination of General Soleimani, i relations between Iran and the USA they are in their most critical phase of recent history. #IIIWW has already become a viral hashtag on social media, as well as a decent meme source. Obviously nothing of this will happen. Unlike their Middle Eastern peers, western Gen Z members will never wake up to a conflict on their doorstep. It is the same American department of Homeland Security to indicate that a concrete and credible threat of possible military operations on American soil, at this stage, is not likely: it has never happened in the history of the nation, it will not happen even now.
The National Terrorism Advisory System instead points the finger at the program Cyber ​​Guerrilla of Iran, attributing to the country the ability to conduct attacks capable of bringing to the knees, even temporarily, critical infrastructures such as power plants, water treatment plants and airports.
Iran has already proven to have the strength to create serious damage to the American economy, thanks to brutal attacks on key US companies. Not that the damage of a cyber attack can only be virtual, or in any case not tangible: a violent attack against a nuclear power plant or against the traffic systems of a city (even think only of a traffic light or a level crossing) they can lead to a massacre.

"The US believes they control the internet, they are wrong"

December 19, 2009 was a rather unforgettable day for Twitter users. The site was loading. Several users were unable to connect to the portal to carry out the usual routine of twittering, follow and retweet. In the end by force of F5 there are those who manage to enter the site, or rather, what was left of it.
The main screen had been transfigured (defaced, as they say in jargon): instead of the classic home, a green flag appeared with Arabic writing, accompanied by a sinister message to say the least:

You Might Want To Read This:   TLC memories with MLC durability, the latest creation of ATP Electronics

"U.S.A. Think They Controlling and Managing Internet By Their Access,
But They Don't, We Control And Manage Internet By Our Power, So Do Not
Try To Stimulation Iranian Peoples To ….
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST
Take Care. "

The attack on Twitter was later claimed by theIranian Cyber ​​Army. But the US hadn't seen anything yet. The real proof of being able to sit fully in the table of military IT superpowers Iran provided it between 2011 and 2013, when a self-proclaimed group "Qassam Cyber ​​Fighters"has launched a series of relentless attacks on the American banking system, bringing to its knees some of the most important financial institutions in the country. Over 46 companies have been affected. Bank of America, JP Morgan and NASDAQ are also targeted. The Iranian hacker army seemed relentless.
No matter how many precautions the banks took, the Iranian attacks still managed to send them haywire. The attacks went on for months, with the group of hackers having fun announcing the next target well in advance. Even by giving up the surprise effect, hackers still managed to break the defense systems of the institutions. These were DDoS attacks conducted with a deadly firepower (an estimated 146 Gbps data load).

You Might Want To Read This:   Xiaomi Mi Notebook from now on with Kaby Lake-R processors

We are talking about millions of Americans completely cut off from their bank accounts. Frozen accounts, impossibility to carry out simple operations such as a bank transfer. A little thing that has cost the American economy tens of millions of dollars. This series of cutthroat attacks against several Western banks and companies has taken the name of Operation Ababil. During the same period, the US Defense included the Qassam Cyber ​​Fighters in the list of the five most powerful hacker groups in the world.
In 2012, Iranian hackers also launched what is considered one of the most destructive hacker attacks in history: theShamoon attack.

ShamoonSide note: Shamoon has also returned to talk relatively recently, with new attacks in 2016 and 2017. The good news is that in 2018 the university of Perdue developed a defense system capable of protecting systems. computer from wipe malware like Shamoon. It's called R2D2, like the Star Wars astromechanical droid.

You Might Want To Read This:   the school in the time of the Coronavirus

Shamoon is the name of a wiper malware, a virus designed to destroy huge amounts of data in a short time, overwriting the information stored on hard drives with corrupt images. In 2012 the target was the Saudi oil company Aramco. The attack occurred on August 15, when tens of thousands of company employees were at home, to prepare for the celebration of the holiday known as Night of Destiny: the revelation of the Koran to the prophet Muhammad. Hackers entered Aramco systems using credentials from administrators, infecting them with the virus, which quickly spread to all company terminals.

Upon returning to the workplace, the company's employees found, in place of all the corporate documents, including folders, emails and databases, an image with the American flag on fire. Aramco thus lost 75% of its data.

Finally in 2014 it was the turn of the Sand casinos in Las Vegas, owned by Sheldon Andelson, a billionaire of lively Republican and pro-Israel orientation who suggested the Government to react relatively cautiously and balanced to the escalation of cyber attacks: bombing the Iran with nuclear power. For the record, his proposal was not heeded. Andelson's casinos lost $ 40 million because of the attacks.

You Might Want To Read This:   Intel hired another important person from the graphics department of AMD

Operation Olympic Games

Iran has never been alone in this perpetual cyber war. Between 2009 and 2010 a series of failures to plants of Natanz they cause the loss of roughly one tenth of the centrifuges used by Iran to treat uranium. The Natanz plant is a key asset of the country's nuclear program, the one with which it hopes to obtain the atomic weapon.

Centrifuges behave abnormally, quickly varying speeds of action in ways that seem seemingly random. This creates physical damage to the structures, which in a relevant part will have to be repaired or directly thrown away. The country's nuclear program suffers significant damage. Efforts towards Iran's nuclear weapon are not hopelessly lost, but suffer a sudden forced arrest – a retreat of several years of work, argued Secretary of State Hillary Clinton at the time. In reports immediately following the accident, centrifuges for the production of enriched uranium went from 4,700 to 3,900 in a rather mysterious way. Gholam Reza Aghazadeh, then head of Iran's nuclear program, is forced to resign.

What the Iranians did not know at the time is that the Natanz plant had been the victim of what is still called the most sophisticated and destructive cyber attack in the history of cyber warfare.

Several kilometers away, in Dimona in Israel, the government had long hidden a uranium enrichment plant virtually identical to that of Natanz. The Israelis had the exact same machines with Siemens components used by the Iranians. But the Israelis did not use them to produce enriched uranium. The purpose of the whole factory was to test the offensive ability of Stuxnet, the most sophisticated and expensive malware ever used for a military operation until then. The same malware used on machines running in Natanz.

You Might Want To Read This:   The smallest and lightest bicycle pump. Prestacycle has revealed a lot of news

For months, the Israelis, says a comprehensive 2011 New York Times article, had used Stuxnet on their equipment to figure out how much damage it could cause to the enemy state's nuclear program. Also thanks to these tests, Stuxnet was so effective, net of a small negligible problem: the worm ended up spreading even outside the Natanz plants, infecting tens of thousands of devices all over the Middle East (and beyond). But that's another story, which we've already told you about here.
Stuxnet was the culmination of a project shared by the USA and Israel kept under cover for years (we still know very little today). A project born under the administration George W. Bush as Operation Olympic Games, and culminated in the attack on Natanz under the Obama presidency. The general public came to know about Stuxnet by pure chance: it also spread on the PC of an Iranian civilian, and in a short time the virus was scrutinized by hundreds of computer researchers from all over the world.

You Might Want To Read This:   China is hunting for illegal cryptocurrency mines. Not everyone is afraid of the ban

What's going on these days

The skirmish between the US and Iran continued uninterruptedly until 2015, the year in which the two countries signed the nuclear deal. During this period, according to multiple analysts, as Patrick Howell O'Neill reports in the MIT Technology Review, the attacks have decreased in intensity and frequency. It doesn't mean there haven't been, anyway.
Indeed, albeit with less damage than in the past, since the election of Trump onwards there have been several cyber warfare operations attributed to Iran, including a ransomware attack on the city of Atlanta and the attempt to hack the emails of the committee for the Trump's reelection to the White House. With the killer attack on General Qasem Soleimani things are likely to change.

A few days after the news of the general's death, Iranian hackers hit the US Federal Depository Library Program website, again with a defacing operation. Instead of the classic homepage, Trump's face was punched by an Iranian soldier. In the same hours a group that calls itself "Shield Iran x #theloserteam"vandalized the home of the Texas Department of Agriculture, as well as the site of an organization of South Alabama war veterans. On January 8, several US state officials reported a spike in attacks on the sites. of Texas: around 10,000 attempts in 48 hours. None of these actions can be considered anything more than a simple flip. Yet we have seen that Iran has all the tools to do much more serious damage, and to attack the systems of targets far more relevant than a local administration's agriculture department.

You Might Want To Read This:   Android smartphones, are there alternatives to iPhone SE 2020?

Now analysts expect a return to the cyber conflict of the 2009-2014 five-year period: «There will likely be an increase in espionage operations, with the aim of the Iranians to acquire intelligence information to better understand the dynamics of geopolitical action in the USSaid John Hultquist, director of intelligence studies for the cyber security firm FireEye. "We also expect a series of destructive cyber attacks on the private sphere».

Cyber ​​attacks present a series of appreciable advantages, reasons that over the years have pushed isolated countries, which would have difficulty in a traditional conflict for reasons of resource asymmetries, to invest massively in creation of legions of state hackers. A hacker attack is more difficult to attribute to a specific state actor, thanks to the fact that many attacks are often carried out by groups not formally affiliated to the governments of the respective nations.

Just think of the Ababil operation, publicly traced back to Iran only in 2014, with the first arrests of 7 hackers involved after three years, in 2016. Statistically, for the same damage, it is also more unlikely than an attack IT follow a traditional military action. In the case of a Western democracy, the legitimacy of public opinion would be lacking, but this is not the only reason.

Yet it seems that Iran's reaction cannot be limited to the cyber war. Jacquelyn Schneider, fellow of the Hoover Institution (Stanford), says this with an interesting piece of opinion published in the pages of the New York Times. Schneider dismisses the psychosis for a possible mass cyber attack against the US as a "distraction", arguing that neither Operation Ababil nor the Shamoon attack have been able to produce serious and lasting damage.
Iran would do much more damage with minor attacks targeting against American military operations in the Middle East: the US military depends to a large extent on technology, undermining the pointing and navigation systems of Americans and their partners would lead to a downsizing of American action in the territory. This, in concert with smaller-scale attacks on American companies, could also reduce US influence in domestic and international politics in the long run, concludes Schneider.
At the same time, the need to avenge the death of one of the key men of the Iranian regime will likely push the nation to perpetuate extreme ferocious classical military operations against the American presence in the Middle East. The recent missile attack against some US bases in Iraq, with 80 deaths claimed by Iran (a figure that is certainly false), goes in this direction.

You Might Want To Read This:   the school in the time of the Coronavirus