IT Vortex - Managed IT Services

6 Ways To Protect Yourself From an Iranian Cyberattack

There’s much speculation on Iran’s plans in response to heightened world tensions and what it might mean in the cyberspace domain. We’ve already witnessed an Iranian kinetic response on U.S. assets in Iraq, so it’s worth assessing whether we’re experiencing cyber fear-mongering or if companies and governments should take steps to help protect themselves if needed.

The key is to ascertain if it is a viable threat. “Threat” is a combination of motivation, willingness and capability. In this case, seemingly, Iran wants to strike back at U.S. interests (motivation); believes they have little to lose, with max sanctions already in place, and much to gain (willingness); and Iran is known to have attack tools at their disposal (capability).

Recall that in 2012, Iranian hacker groups, allegedly working on behalf of the Iranian government, conducted distributed denial-of-service attacks against dozens of American banks and attempted to seize control of Bowman Dam outside New York City.

Those who raise the threat of an Iranian cyberattack as a possible or likely response in 2020 are not recklessly beating the drum.

Iran’s likely targets

Who might the Iranians aim their potential attacks at, and why? National, commercial and local targets would be consistent with Iranian attack history to demonstrate Iran’s ability to “slap back.”

On the national level, targets could include U.S. government systems, ranging from the U.S. Government’s departmental public-facing web pages to systems that are actually used to communicate or organize the U.S.’s plans to address Iran. This includes the perceived instruments of U.S. government pressure against Iran — for example, defense, finance, commerce and diplomatic systems.

Commercially, the U.S. financial sector, such as banks, is typically not targeted for cyberattack by nation-states (though it is a favorite of criminals), but it has been attacked by agents of Iran in the past, so it certainly would seem very possible for it to be on their target list again. There may be other commercial targets — those that are perceived as instruments of government power — that may serve as motivation for other attacks on commercial entities as well.

Local governments might be targeted as an attempt to directly affect the U.S. population, as it is the easiest way to potentially impact the populations in cities or towns.

Additionally, certain critical infrastructures in such industries as oil and gas and chemicals might be targeted, since Iran has technical expertise in those sectors.

Types of attacks

Contrary to popular belief, it’s hard to implement an impactful, sustained and scalable cyberattack. While an attacker might be able to achieve one of those goals, accomplishing all three is complex. The most likely techniques that could be executed quickly include:

  • Distributed Denial of Service (DDoS) attacks, in which systems or communication pipes are clogged by bogus data.
  • Ransomware attacks, in which data within systems is rendered unusable unless an attacker demand is met.
  • Sleeper agent attacks, in which malicious cyber implants are placed in key systems during “peacetime” and activated through remote control during a crisis to enable access for malicious activities.

6 ways to protect your assets

So if the threat is realistic, what should be done? While it’s never a fair fight to expect a private company or local government to defend against a nation-state attack — we need to depend on the Federal government’s diplomatic and national defense capabilities to defend the nation — there are commercial techniques that can be employed immediately to become more resilient.

  1. Separate your critical assets. Evaluate your firewall architecture to ensure that you separate your critical assets into well-protected domains so that a failure in one domain does not become catastrophic.
  2. Create multiple communication options. Give yourself multiple paths to communicate in the face of denied or congested communications, using SD-WAN capabilities. SD-WAN is a secure networking capability that allows you to agilely change the communication path you use, depending on a variety of factors, including availability. Ensure that the commercial service agreements with your network service provider include the ability to add optional communication bandwidth and cloud capacity.
  3. Follow procedural safeguards. Make backup copies of critical data and store them offline to counter ransomware attacks.
  4. Use automated and integrated cybersecurity techniques. Implement a platform approach to integrating security devices. Arm yourself with commercial security tools, such as Endpoint Detection & Response (EDR) and Security Orchestration Automation & Response (SOAR), which provide the ability to quickly detect and automatically respond to a potential attack.
  5. Inspect suspicious cyber communications. Look at suspicious content using advanced cybersecurity techniques, such as inspection of suspected malicious email attachments to test for potential threats in a safe environment, and the examination of encrypted internal communications to find hidden evidence of potential pre-placed command-and-control malicious software implants.
  6. Leverage up-to-date threat intelligence. Ingest and put into place threat indicators — special patterns of software that are “signatures” of malicious software. These are available commercially and through the government to block known attacks and their derivations.

It’s often said, correctly, that cybersecurity is a team effort. In the face of a motivated and capable nation-state attacker, that’s as true as ever. In the face of heightened international tension, we need to depend on the important and unique national defense capabilities of the U.S. Government, such as CYBERCOM, NSA and the CIA; to make prudent self-defense preparations as noted above; and to be prepared both to share indicators of attack with information-sharing brokers and to know how to enlist the support of the local FBI office if under duress from a suspected Iranian attack.

— By Phil Quade. Mr. Quade is chief information security officer at Fortinet and a member of the CNBC Technology Executive Council
