According to an intelligence report, Iranian Port Authority was hit by a cybersecurity incident last Friday just hours after two government organizations confirmed a cyberattack. The Port Authority incident targeted its electronic infrastructure, presumably disrupting its goods flow throughout the weekend, even though no other areas were affected.
About the attackers, the authority’s spokesperson said the incident was perpetrated by “sworn enemies who failed in their goal of hitting Iran’s economy through sanctions”, which clearly indicates Iranian authorities’ attributed this attack to the U.S. No information on the other two affected agencies has been shared.
Nonetheless, cybersecurity experts think the incident could be linked to a recently deployed cyberwarfare campaign. Two Israeli cybersecurity firms said Thursday that they thwarted a large-scale, Iranian-linked hacking operation in September called Operation Quicksand, which targeted “prominent Israeli government organizations”. The alleged attack would seem to indicate a “new phase” in Iranian attacks against Israel, the firms said, adding that the tools used have previously been reserved for criminal operations – as opposed to destructive offensive cyberattacks by state actors like Iran.
On the other hand, reports from Iranian media pointed to possible attacks on ports and banking. It is worth mentioning that Iranian government constantly assures that it is thwarting cybersecurity incidents targeting national infrastructure, although its involvement in cyberwarfare campaigns has been limited since the Stuxnet virus outbreak. Experts say it is a well-known fact that Stuxnet is a joint US-Israel development.
Another recent cybersecurity incident affecting Iran’s infrastructure was detected last May, when Iranian Bandar Abbas port was completely compromised, supposedly by Israeli hacking groups. Israel has constantly pointed out that Iran is one of the main sponsors of terrorist groups, including Hamas and Hezbollah. Back then, cybersecurity experts mentioned that attack could have been an attempt to deploy further malicious activities using Bandar Abbas as entry point for hackers.
The cybersecurity community also states that Israeli government, tech firms and researchers have spent years designing a security plan to mitigate potential Iran-linked cyberattacks, cyberwarfare campaign that has just started. Another factor that quickly contributed to escalate tensions between Iran and US-Iran is the decision of Trump’s administration to quit the nuclear deal that involved world powers, so these conflicts seem not having an upcoming pacific agreement.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.