Could nuke deal withdrawal embolden Iranian hackers?

Iranian hackers will retaliate on American targets if President Donald Trump withdraws the U.S. from the Iranian nuclear agreement, cyber experts are warning.

While Tehran has spent the years since the start of nuclear negotiations focusing its digital wrath on regional rivals like Saudi Arabia and the United Arab Emirates, the regime would likely use cyberattacks to strike back at Trump if the president takes steps to discard the international agreement, according to digital warfare specialists. “I personally think they’ll double down their efforts and we’ll start to see a lot more attacks,” Stuart McClure, the CEO of security firm Cylance, told Eric for a story that ran over the weekend. “And we’ll probably see a lot more sophisticated attacks.”

Story Continued Below

While Russia and China grab more headlines for their digital meddling, Iranian hackers have been hard at work stealing corporate secrets, spying on dissidents and damaging rival powers’ critical infrastructure, such as energy companies. These digital assailants initially targeted the United States with a barrage of low-level attacks on financial institutions in 2011 through 2013 — for which the Justice Department indicted seven Iranians — but scaled back their American-focused activities as tensions with their Gulf neighbors escalated. They have also refined their tactics over the years, and they could buy better capabilities from Russia, China or the black market, experts said. “They’re plenty good enough to cause a lot of difficulty,” said Ben Read, head of cyber espionage analysis at FireEye.

Even if Trump does violate the nuclear deal — such as by refusing to recertify Tehran’s compliance, thus opening the door for Congress to impose sanctions that are prohibited by the deal — Iran’s reaction may not be swift. It may prefer to wait, watching the U.S. endure temporary pariah status in the international community for breaking a multinational agreement that the other signatories have heralded. But Iran views hacking as a key part of its foreign influence toolkit, experts said. “We are very concerned and keeping close watch on what kinds of things might manifest against Western targets if that deal falls apart,” said Adam Meyers, CrowdStrike’s vice president of intelligence.


Continue reading…