back to article Cyber-warnings, cyber-speculation over cyber-Iran's cyber-retaliation cyber-plans post-Soleimani assassination

With tensions soaring between America and Iran following the drone strike that killed top Persian general Qassem Soleimani, experts are weighing in on what the US could face should the Mid-East nation fully mobilize its cyber resources. The threat of an online attack from the wannabe-nuclear state was significant enough that …

  1. Anonymous Coward
    Anonymous Coward

    Cry Hacker...

    ... and let slip the lapdogs of war !!!

    1. james_smith Silver badge

      Re: Cry Hacker...

      Laptops of war?

  2. Anonymous Coward
    Anonymous Coward

    Of course there are other, more capable, countries who might think it beneficial to run a false flag operation.

    1. HildyJ Silver badge

      False flag ops

      I'm sure Russia and China are already modifying their cyber ops to run through Iran.

  3. DougS Silver badge

    I almost hope it happens

    Because only after a real cyberattack that demonstrates how bad it can be will there be the proper wakeup call. Until then it is all just "hackers broke into one company but that's not applicable industry/nation wide" or "stuff that happened in Ukraine that could never happen here".

    Because whatever Iran can do, I have no doubt that Russia, China and possibly North Korea could do worse.

    1. whitepines Silver badge

      Re: I almost hope it happens

      True, if there was ever an event that could finally force people off closed source garbage like Windows and Intel this would be in the top running. At least it's possible Iran could stuff up the actual attack part, limiting damage some, whereas the other players would know how to inflict maximum damage and make absolutely sure to salt the earth the first time around.

      1. big_D Silver badge

        Re: I almost hope it happens

        It has nothing to do with Windows or Intel. Open source software has equal problems and can just as easily be hacked, if it isn't properly configured (E.g. Apache, MongoDB, MySQL, PHP etc.)

        It is how you secure your infrastructure and your data that counts, not neccessarily what it runs on. For example, isolating critical systems from the office network and the Internet, ensuring backups work and ensuring that the firewall is set up properly to only let in needed traffic.

        It is comfortable for a manager to be able to check on his factory floor equipment from the other side of the world. Whether that is in any way a good idea, let alone good security practice, is another. That kit should be isolated as much as possible and no access or changes possible over the Internet.

        But most importantly, user training. It is irrelevant how good your systems are, the human in front of the device is always the weakest link.

    2. toejam

      Re: I almost hope it happens

      The other question is if companies will just demand more fingers in the dike or if they'll step back and look at all possible ways the sea could engulf them.

      My employer was hit by a likely state-sponsored DoS a couple years back. We did the typical post-attack expansion of capacity. But we also started looking at more non-traditional attacks, just in case that DoS attack was just a distraction. We had been quietly ramping up countermeasures against internal threats from disgruntled employees for years, but after the attack, we really started looking into state-sponsored espionage and sabotage. Stuff that was common practice just a few years ago can now result in immediate termination.

      As to my first question, I have a bad feeling that most companies really won't step back unless the attack is devastating financially to them (or an unlucky competitor whose failure is now an example for all) or unless new regulation forces them to do so. And we all know how businesses love new regulations.

    3. Anonymous Coward
      Anonymous Coward

      Re: I almost hope it happens

      Very true but we've seen this in the UK. If you were one of the NHS Trusts hit by Wannacry money was thrown at cyber/info sec. Where as the rest got pennies. Why?

      Because the execs wanted their backs covered and knew a second incident like that would end their careers if they'd done nothing, the rest have sat on their hands.

      1. Anonymous Coward
        Anonymous Coward

        Re: I almost hope it happens

        That's not accurate at all. The NHS used money ring fenced by central government for security to purchase Windows 10 licenses for every work station within the NHS on the provision that Trusts had to connect them in to a new centrally provided ATP instance. They also funded a perimeter security project for firewalls targeted at critical trusts. There are other things in the pipeline that are yet to be made public. Why funded centrally? Because the trusts themselves simply don't have the budgets for IT infrastructure or IT staff which is why Wannacry was able to happen in the first place! But patching operations for similar vulnerabilities have been significantly reduced across the NHS.

  4. Anonymous Coward
    Anonymous Coward

    Pro BoFH Tip: Make the most of a crisis

    Just following these simple steps:

    1) Generate a slide-deck (or PDF) from your Firewalls, showing all the port-scans and dodgy looking URL requests over the weekend

    2) Share slide-desk with your CFO and mention "It was lucky you spotted these, and had to spend the weekend monitoring and manually blocking them from accessing the Accounts file share"

    3) Finally, enjoy your new shiny Firewalls and Coffee Machine

    You're Welcome.

    1. phuzz Silver badge

      Re: Pro BoFH Tip: Make the most of a crisis

      Step 1a) Make sure you use as many buzzwords like, "cyber", "AI, and "cloud", as possible in the powerpoint.

  5. kmedcalf

    Nuclear Weapons

    Does not the United States have Nuclear Weapons? Reducing Iran to a sheet of glass will put an end to their "Cyber capability".

    As ye sow, so shall you reap ... The United States has obviously not learned this lesson yet.

    1. Claptrap314 Silver badge

      Re: Nuclear Weapons

      Iran has been prosecuting an undeclared war against the US for forty years. This killing was a warning shot, really.

      1. james_smith Silver badge

        Re: Nuclear Weapons

        The US started the war by deposing the elected government of Iran and imposing the Shah, then conducting a "hot" war via Iraq when the Iranians overthrew the Shah.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020