Tehran ‘stepping up cyber attacks’ against Kingdom
Amidst rising tension between Iran and Western nations over the Iranian aggression in the Strait of Hormuz, Tehran is stepping up cyberattacks against the Kingdom, Wall Street Journal reported. As ever in the cyber domain, there is always some level of activity, but the WSJ reports that such activity has now risen “above the normal level of Iranian cyber activity.” The recent attacks have targeted many governmental as well as private institutions.
According to the WSJ, US intelligence has suggested Tehran is the likely culprit, with a Bahrain Ministry of Interior spokesperson assuring that “robust safeguards are in place,” adding that “in the first half of 2019, the authorities had successfully intercepted over six million attacks and over 830,000 malicious emails”. While these attacks have reportedly been against targets in Bahrain, the message will have been received by other states in the region as well as by the US and its allies more broadly. For the time being, though, Iran’s efforts remain primarily focused on the under-protected US corporate sector (including critical infrastructure) and US allies.
Two weeks after US Cyber Command hit Iran’s command and control structure in the aftermath of the downing of a US surveillance drone, came a warning that an Iranian-led hack was targeting the millions of unpatched Microsoft Outlook systems, Forbes reported. “And since then we have seen attacks on LinkedIn as well. An attack in one domain led to retaliation in another. This is a major hybrid warfare development seen this year,” a US official was quoted by the magazine.
The WSJ cites US officials “familiar with the matter,” who confirmed the cyber breaches in Bahrain—saying that at least three entities had suffered intrusions.” Obvious parallels were drawn with the Shaman attacks from 2012, which targeted state oil and gas companies in Saudi Arabia. In June, the US Department of Homeland Security warned of a”recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies.”
The National Security Agency has also warned of malicious Iranian cyber actions, telling AP “in these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defences are in place.” Information and eGovernment Authority (IGA) Chief Executive Mohamed Ali AlQaed said that iGA has not had any issues in dealing with the attacks, and so far all attacks have been dealt with success without causing any downtime to government or private entities.
“Bahrain and this whole region have been under the attack constantly in the past few years and we have been dealing with them as needed. The positive aspect is that there has been no major downtime because of these attacks. “Organisations and businesses did not have to close for any considerable period of time because of these attacks. Normal operations have continued despite these attacks,” he said.
Last year it emerged that Bahrain was one of the countries being targeted by an Iran based cyber-spies group Leafminer. The cyber espionage group Leafminer released a threat actor to target many countries in the region and Bahrain was one of them, according to US cyber-security firm Symantec.