News Insights – The Cybersecurity 202: Get ready for serious cyberattacks from Iran, experts say

News Insights:

Ray DeMeo, co-founder and COO at Virsec:

“Given that Iran already has a history of launching cyberattacks it seems almost inevitable in today’s climate that we’ll see new threats. Cyberattacks are an extremely cost-effective form of asymmetrical warfare, with even small attacks getting lots of publicity and causing general anxiety and fear. The only solution for businesses is to be extremely vigilant, upgrade aging security systems, and understand new hacking techniques that target applications during runtime and leave few clues behind. Just like we accept higher levels of security and vigilance around air travel, heightened cyber security will be a fact of life, and businesses that are complacent will quickly get in the crosshairs.”

Warren Poschman, senior solutions architect at comforte AG:

“With the escalation of tensions in the Middle East, many are asking how far reaching the impacts could be for the US private sector.  While the impacts to the petroleum industry, defense contractors (and service members) supporting US FOBs, and travel providers are very direct, we cannot forget about the real potential for state-sponsored cyberattacks on both international and domestic US interests.  In 2018 the DOJ indicted several Iranian nationals in a scheme that penetrated universities, businesses and governmental organizations and stole more than 31 TB of data primarily by using credential hacks. While much of the fear has been focused on utilities, communications, and other infrastructure, the track record indicates the focus will likely be on softer targets that are rich with identity data, financial data, and intellectual property data.  The best way for organizations to protect data is by using a data-centric security approach that ensures data is kept secure and private, especially since traditional security measures such as strong authentication, firewalls, and data-at-rest encryption are unlikely to deter access or theft going forward.”

Paul Bischoff, privacy advocate with Comparitech.com:

“Some organizations face a greater threat than others. Financial services, energy, oil and gas, health care, infrastructure, and any business that contracts with the federal government is a more likely target. Businesses will have to prepare for several types of threats such as malware, network disruptions (DDoS attacks), data theft, and phishing. Because Iran is a nation-state actor, it has a broad range of tactics at its disposal as well as the resources to conduct large-scale cyberattacks. Because Iran is unlikely to retaliate economically or militarily, cyberattacks should be expected instead.  Defensive tactics include keeping software and firmware up to date, using firewalls and antivirus, encrypting data, access control (least privilege), using strong and unique passwords, intrusion detection, and educating all staff on how to detect phishing messages as well as a policy for dealing with them. High-risk organizations might want to hire white hat hackers to test their systems for security holes and oversights. Businesses should also have a plan for when things go wrong. Create a disaster recovery plan that addresses each of these threats.”