Organizations Urged to Increase Cybersecurity

In the midst of the current geopolitical tensions between the United States and Iran, it comes as no surprise that the US Department of Homeland Security (DHS) issued a bulletin on January 4, warning that Iran may launch a cyberattack against US critical infrastructure organizations. A few days later, the DHS Cyber Infrastructure department issued another advisory, CISA Insights, encouraging U.S. companies to “assess and strengthen” their security posture to protect against possible Iranian cyberattacks. Attacks on critical infrastructure—such as utilities, Internet service providers, or transportation systems—could affect public safety and have an enormous impact on local, regional or even national economies.

The cyber attackers could also target financial organizations. American Banker reported that possibility, noting that Iran had previously launched such attacks: “In 2011 and 2012, the Izz ad-Din al-Qassam Cyber Fighters launched dozens of distributed-denial-of-service attacks against U.S. banks.”

Officials have reason for concern, because Iran has conducted small-scale cyberattacks against US organizations in the recent past; see this Center for Strategic and International Studies report of Publicly Reported Iranian Cyber Actions in 2019. Cyberattacks can vary from disk-wiping malware to theft of intellectual property, web defacement, or distributed denial of service (DDoS) attacks.

Thus far, only a couple of relatively small-scale cyber hacks have been announced. The Washington Post reported that on January 5 hackers breached and defaced the website of the U.S. Federal Depository Library (USFDL). And, according to StateScoop, the Texas Department of Agriculture’s site was briefly defaced on January 7 with an image of Qassem Soleimani, the Iranian general who was killed last week in a U.S. airstrike. A group of hackers referring to themselves as “Shield Iran” claimed credit for the latter attack. In many attacks it can be difficult to determine whether the perpetrators are government-led, terrorist groups, or lone actors who share a similar political agenda.

Enterprises Should Take Protective Measures

In both the public and private sectors, it is important for organizations to beef up their cybersecurity postures. Cyberattacks are a constant threat, but there is a heightened risk amidst the current tensions. When choosing which defenses to deploy, automated, real-time DDoS protection should be a priority, because DDoS attacks are common, and the technology to launch attacks has become more sophisticated, more powerful and, at the same time, cheaper and simpler to use.

There are generally two categories of attacks: 1) high-volume DDoS that overwhelms network connectivity and 2) sub-saturating state-exhaustion DDoS that impacts infrastructure devices and servers running applications and services. These can also mask more nefarious activity which may lead to security breaches, including the use of malware and ransomware (data breaches and network disruptions often go hand in hand, launched by the same hackers). Enterprises have a variety of options for DDoS mitigation, from on-premises to cloud protection, with a common approach being to subscribe to DDoS protection as a service (DDPaaS) from an Internet Service Provider.

For over a decade, Corero has been providing state-of-the-art, highly effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments, without the downtime associated with other solutions.

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s roles included network security Global Product Manager for Cisco, which he joined as part of its acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.