Hackers calling themselves members of “Iran Cyber Security Group” recently defaced the website of the US government’s Federal Depository Library Programme (FDLP) as an act of revenge following the killing of Iranian military commander General Qasem Soleimani by US forces.
Hackers behind the cyber attacks targeting US government websites recently succeeded in taking down the official website of FDLP while warning about more such attacks in the near future. The hackers inserted a banner on the website’s home page in which they wrote that ‘this is only a small part of Iran’s cyber ability’.
The cyber attack took place shortly after Iran announced that the United States’ military action that resulted in the death of General Qasem Soleimani would be met with “severe revenge” and that the military action only doubled Iran’s resistance.
“We will not stop supporting our friends in the regions, the oppressed people of Palestine, the oppressed people of Yemen, the people, and the Syrian government, the people and government of Iraq, the oppressed people of Bahrain, the true mujahideen resistance in Lebanon and Palestine. They will be supported by us,” hackers wrote on the defaced FDLP website.
“Martyrdom was his reward for years of implacable efforts. With his departure and with God’s power, his work and path will not cease and severe revenge awaits those criminals who have tainted their filthy with his blood and the blood of other martyrs of last night’s incident,” they added.
General Soleimani was the leader of Iran’s elite Quds Force which was responsible for protecting Iran’s interests in the Middle East. The force not only supported Hezbollah but also helped the Syrian army in their fight against rebels backed by the United States.
In a statement released on Friday, Chad F. Wolf, Acting Secretary of the U.S. Department of Homeland Security, said that Iran’s Quds Force is a U.S.-designated Foreign Terrorist Organisation and that the targeting of General Soleimani was part of the government’s will “to confront and combat any and all threats facing our homeland.”
Cyber warfare between the US and Iran far from over
Even though the US and Iran have not yet engaged in a full-blown military conflict, the two countries have been waging cyber warfare against each other for years, especially after the US determined that Iran was discreetly working towards building nuclear weapons.
State-sponsored Iranian hackers have also been actively targeting US digital assets in response to crippling economic sanctions imposed on Iran that have badly affected the nation’s economy and its crude oil exports.
In February 2018, the National Council of Resistance of Iran, which carried out regular protests and rallies against the Iranian government, revealed how the elite Iranian Revolutionary Guard used advanced spying tools to carry out round-the-clock surveillance of millions of Iranians and people in the West.
“The dissemination of these apps outside of Iran will enable the IRGC to spy globally and at will. Some of these apps are also available on App Store, GitHub and Google Play despite reports and user reviews warning they contain spyware embedded by the Iranian regime’s app developers. The spread of these apps outside Iran will put Internet users across the world at significant risk, increasing the rate of malware infections.
“It is highly suspicious why the Iranian regime, which is hell-bent on controlling the Internet inside Iran, would make these apps available to other mobile users around the world through App Store, Google Play, and GitHub. While many of them have negative reviews and complaints about the apps being infected, they continue to be available for download on popular app stores,” the group said.
Iranian hackers targeted Trump’s re-election campaign too
In October, President Donald Trump’s re-election campaign was targeted by a hacker group which, according to Microsoft, appeared to be linked to the Iranian government. The group also targeted “current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran”.
Tom Burt, corporate vice president for Customer Security at Microsoft, said in a blog post that Phosphorus, the hacker group in question, “attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks.”
“This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering. MSTIC works every day to track threat groups including Phosphorus so we can notify customers when they face threats or compromises and so that we can build our products to better defend against these threats,” he added.
“Don’t think because the headlines have been focused on impeachments and the trade war with China that covert cyber activities aren’t going on regularly behind the scenes between these countries. Cyber is not only the poor man’s nuke for asymmetric warfare, but it is also a valid domain for causing damage all by itself,” says Sam Curry, Chief Security Officer at Cybereason.
“One of the buzzwords making headlines in the coming days will be ‘resiliency’ and how governments and companies respond to new cyberattacks. Today, there is often too little emphasis on facing the truth that intelligent, motivated, equipped opponents will eventually succeed and that requires planning to both minimize damage and to return to normal operations as rapidly as possible. This is far too often neglected,” he adds.