As tensions rise between the U.S. and Iran, cyber warfare between the two countries heightens.
Sources tell the AP that military cyber forces in the U.S. conducted strikes against Iran last week after President Donald Trump abruptly canceled plans to attack Iran with military force following Iran’s downing of a U.S. surveillance drone.
According to two officials who spoke to The Associated Press on the condition of anonymity, Trump approved these strikes. A third official, who was also unauthorized to speak, corroborated the strike.
The cyberattacks targeted Iran’s Islamic Revolutionary Guard Corps computer system, which controlled its rocket and missile launchers. Recently designated a foreign terrorist group by the Trump administration, the IRGC is a branch of the Iranian military.
Since the U.S. withdrew last year from the 2015 nuclear deal with Iran and began a policy of “maximum pressure” resulting in heavy sanctions, relations between the two countries have deteriorated.
Representatives of cybersecurity companies CrowdStrike and FireEye told the outlet that hackers believed to be working for the Iranian government have mounted spear-phishing attacks against U.S. government agencies, as well as finance, oil and gas companies.
“Both sides are desperate to know what the other side is thinking. You can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about what’s going to happen next, about what the U.S.’s next move will be.”
“Both sides are desperate to know what the other side is thinking,” said John Hultquist, director of intelligence analysis at FireEye to the AP. “You can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about what’s going to happen next, about what the U.S.’s next move will be.”
These attacks are not new, according to CrowdStrike, which calls the Iranian actor involved in the cyberattack “Refined Kitten.” Adam Meyers tells the outlet that the U.S. energy and defense sectors have long been targets of malicious cyber activities.
In a response last week to the AP, the National Security Agency said that “there have been serious issues with malicious Iranian cyber actions in the past.”
“In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place,” the NSA added.