Rumors are swirling that Iran may launch cyberattacks on American businesses and government entities in response to the assassination of top Iranian General Qassem Soleimani. Naturally, these rumors are worrisome for business owners who want to keep their information and IT systems safe from hacks, breaches, ransomware, downtime, and other threats. But just how serious is the threat of cyberattacks from Iranian criminals? Following is a look at what can be expected as well as tips from leading IT experts on how to keep your systems safe.
Who Would be Targeted?
Likely private-sector targets for Iranian cyberattacks include:
- Chemical plants
- Pharmaceutical companies
- Oil refineries
Government-run infrastructure is also a prime target. This includes water treatment systems and power grids. Some are speculating that Iran may use disinformation campaigns and even try to hack into voting systems just like Russia was accused of doing back in 2016.
It’s also worth noting that Iranian cyberattacks may not only hit their targets but also third parties that weren’t originally targeted. Alternatively, it’s possible that hacktivists may take out business and government targets that aren’t being officially targeted by government-backed hackers.
What Types of Attacks can be Expected?
Don Baham from Kraft Technology Group in Nashville, Tennessee, reports that the Iranian cyber response he expects includes website defacing attacks and destructive malware attacks. Ilan Sredni from Palindrome Consulting in Fort Lauderdale, Florida, points out that Microsoft is ending support for Windows 7 and Server 2008, leaving businesses and individuals who use these programs vulnerable to attack as the programs will no longer be updated to patch vulnerabilities that can be exploited by hackers. Furthermore, Mr. Sredni points out that Iranian cyberattacks aren’t necessarily connected to political happenings, which means that attacks can be expected even if tensions between the United States and Iran cool down.
How Can You Protect Yourself?
As Don Baham points out, companies that don’t do business with anyone in Iran should use firewall and cloud application features to geo-IP block all IT activity originating from Iran. Upgrading from Windows 2007 to 2018 is a wise idea, as is either upgrading to Server 2012 or migrating to Microsoft Azure.
Now it also a great time to ensure that your business has strong cybersecurity in place to prevent hacks from cybercriminals the world over. Effective cybersecurity measures include:
- Choosing strong passwords and using two-factor authentication. Good passwords include both upper and lower-case letters, symbols and numbers. Two-factor authentication requiring you to type in a code sent to your smartphone prevents hackers from getting into your IT system even if they do manage to guess your password
- Provide ongoing cybersecurity training for all staff members. A quarter of all breaches are caused by human error and many of these errors can be avoided with proper training.
- Update all software programs regularly. Granted, it takes some time to allow IT systems to automatically update software programs and operating system, but it’s well worth the short delay. Updates frequently contain patches to eliminate vulnerabilities that could make it easy for a cybercriminal to attack your system. Without regular updates, your system is vulnerable to all types of malware.
- Use an effective back-up system and have a disaster recovery plan in place in case an attack renders your systems and data inaccessible. One reason why ransomware attacks are so commonplace is that many companies and individuals feel compelled to pay the ransom because they don’t have data back-ups.
Many experts believe that Iran may use cyberattacks to get revenge for the assassination of Gen. Soleimani. Alternatively, as some point out, other nations may use the political tension to conduct their own cyberattacks against American businesses and individuals and then frame Iranian hackers for the crime. In any case, it’s best to be prepared for a surge in cyberattacks, especially if you work in one of the industries outlined above.
The good news is that there are effective ways to prevent cyberattacks from Iranian cybercriminals. Geo-IP blocking, updating IT operating systems and software programs, setting up a strong password system and providing cybersecurity training to employees are all tried-and-proven ways to minimize the risk of being hacked. It can also be wise to partner with an IT MSP firm to ensure you have expert help on hand should an unfortunate incident occur.
You may be interested in: “What is cyber security?”