A move by President Donald Trump to discard the Obama-era nuclear deal with Tehran could bring a swift retaliation from an increasingly aggressive Iranian hacker army, reported Politico (Germany).
Some of those attacks might target America’s power plants, hospitals, airports and other pieces of critical infrastructure, multiple cyber experts who track Tehran’s hackers are warning. Iran’s current Western hacking is limited almost entirely to commercial espionage and dissident surveillance, but the country could quickly redirect its efforts in the event of a rupture of the nuclear pact.
Iran has spent years honing its digital skills through cyber campaigns that have pummeled regional adversaries, stolen trade secrets from foreign competitors and destroyed computers at the oil giant Saudi Aramco. And initially, the country also aimed its cyber forces at the U.S., launching a barrage of distracting attacks on the financial sector and even successfully infiltrating a dam in New York state.
But after the U.S. and six partners began discussions with Iran in 2013 to lift some economic sanctions in exchange for limits on Tehran’s nuclear program, the country’s hackers have largely spared the U.S., focusing instead on industrial espionage and hitting rival Middle Eastern powers.
Cyber experts say that would change if Trump and Congress abandon the nuclear agreement, which freed up roughly $100 billion in frozen Iranian assets after taking effect in 2015. Trump has strongly hinted he wants to ax the deal, telling the United Nations General Assembly last week that it was “one of the worst and most one-sided transactions the United States has ever entered into” and later saying he had already made up his mind on the issue.
“I personally think they’ll double down their efforts and we’ll start to see a lot more attacks,” said Stuart McClure, the CEO of security firm Cylance, which revealed one of Iran’s most pervasive hacking groups in 2014. “And we’ll probably see a lot more sophisticated attacks.”
Iranian hackers are not as skilled as those in Russia and China, but they are rapidly improving, experts say. And even if the country cannot develop certain digital tools itself, it can always buy them from Russia, China or the black market.
“They’re plenty good enough to cause a lot of difficulty,” said Ben Read, head of cyber espionage analysis at FireEye.
Tehran’s digital prowess was highlighted just this month when FireEye exposed a massive cyber espionage campaign targeting Saudi and South Korean aviation and energy firms. Researchers said the efforts reflected the regime’s desire to expand its economic competitiveness as the country integrates with the global market in the wake of the nuclear deal.
But for years prior to the nuclear talks, Iran also aggressively targeted Western institutions.
In the early 2010s, suspected Iranian hackers inundated the U.S. financial sector with a plethora of simplistic but bothersome distributed denial-of-service, or DDoS, attacks, which try to overwhelm a computer network with fake traffic. In 2016, the Justice Department indicted seven Iranians in such a campaign, accusing them of spending 176 days launching DDoS attacks on American banks between late 2011 and mid-2013, taking websites offline and rendering online bank accounts inaccessible. One of the hackers was also charged with infiltrating the control systems of a New York dam, a disquieting development, given the destruction that could be caused if the intruder had been able to manipulate the dam.
Iran changed its focus, though, once the country’s leaders came to the negotiating table with China, France, Germany, Russia, the United Kingdom, the United States and the European Union to discuss limiting Tehran’s nuclear program. Many countries have long been wary of a nuclear-armed Iran, fearing it would further destabilize the Middle East.
During the talks, Iranian hackers spied on Western diplomats to gather intelligence about negotiation strategies using a level of skill not seen before, said McClure, but they scaled back the DDoS attacks that had been battering the banking sector. Meanwhile, said Read, Iran also shifted away from destructive attacks on Western infrastructure, focusing these efforts instead “on their neighborhood.”
The parties signed the nuclear agreement in July 2015, after almost two years of formal talks.
Since then, Iran’s digital shift has continued, with the country deploying its ruinous digital power on its neighbors — mostly Saudi Arabia and the United Arab Emirates — while collecting corporate intel on its foreign competition. Religious rivalry has long dominated the Middle East, with Saudi Arabia and the UAE dominated by the Sunni branch of Islam and Iran controlled by the Shia branch.
In late 2016, cyber researchers identified a new Iranian hacking campaign targeting Saudi Arabia with a type of malware, dubbed Shamoon, that completely wiped the hard drives of infected computers. It was a variant of the same virus that had trashed tens of thousands of computers at the state-owned Saudi Aramco in 2012, erasing data on three-quarters of the firm’s computers and crippling one of the world’s most valuable companies.
But this muscular presence was increasingly absent at Western targets, researchers said. Adam Meyers, vice president of intelligence at the cybersecurity firm CrowdStrike, attributed the drop-off to Tehran’s need for cyber resources in its regional conflicts, rather than its desire to offer up a goodwill gesture following the nuclear deal.
If Trump and Congress reject the Iran nuclear deal, however, experts believe the country would swiftly train its focus back on the U.S. Trump has indicated that he may not recertify Iran’s compliance with the agreement, which would trigger a 60-day window in which Congress could reimpose sanctions on Iran. Those new sanctions would violate the deal and effectively remove the U.S. from it.
The White House did not respond when asked whether it was worried about Iranian digital retaliation if the U.S. left the nuclear deal.
Cyber specialists said that if the U.S. withdraws from the deal, not only will Iran resume full-scale hacking of American targets, but it will do so with greater discipline and capabilities than last time.
“We’ve seen them mature their offensive, destructive targeting at Saudis,” said Meyers. “They’ve developed a more mature way of thinking about establishing offensive cyber capabilities.”
McClure expects Iran would use more zero-day exploits, which are tools designed to take advantage of previously unknown technological flaws. Such tools are especially formidable because software engineers may not have a quick fix ready for the flaw being abused.
If Iranian operators can’t craft these tools, they could easily purchase them from other premier digital powers, such as China and North Korea, McClure said. Pyongyang’s No. 2 official recently spent 10 days in Iran, part of a possible effort to strengthen military ties. The two countries also inked a deal in 2012 to share information technology.
The financial sector and the oil and natural gas industries would likely be the first targets of Iran’s renewed digital assaults, according to Read, the FireEye analyst, because of the banking industry’s “importance to the U.S. and [the] importance of enforcing sanctions.”
“And with oil and natural gas,” he added, “that’s someplace where Iran has a lot of eggs in that basket.”
The one thing that might keep Iran’s hackers at bay if the deal falls apart would be the regime’s contentment to “stand back and enjoy watching the rest of the world turn against the U.S.,” said George Perkovich, vice president for studies at the Carnegie Endowment for International Peace, where he researches nuclear and cyber issues. Other signatories of the pact have already warned the U.S. against abrogating its terms.
Regardless, Tehran will be frustrated if the U.S. breaks the agreement, and experts agree the country’s digital warriors can help the regime project influence wherever it chooses to do so.
“We are very concerned and keeping close watch on what kinds of things might manifest against Western targets if that deal falls apart,” said Meyers.
A fate as unpredictable as the reality of Donald Trump awaits the Iran nuclear deal. By refusing to certify it, and thus outsourcing any decision on the matter to 535 congressmen, Trump could cast a pall of uncertainty over the deal's future. But the ramifications of this dynamic are likely to ripple far beyond the deal itself, reported Al Jazeera (Qatar).
To fully appreciate the broader significance of the deal, formally known as the Joint Comprehensive Plan of Action (JCPOA), one would do well to consider the backdrop against which it came into being.
For all the legitimate criticisms levelled against Obama, it was thanks largely to his term in office that US engagement with the international order - repeatedly decimated by George W. Bush's uninhibited gangsterism - would undergo a groundbreaking shift. In the teeth of fierce opposition from his political rivals, Obama would stake the last remnants of his political capital to ensure US backing for two agreements of immense significance for global security: the Paris climate agreement and the Iran nuclear deal.
For its part, the nuclear deal would act as the single most comprehensive and definitive tool, which, as Germany's UN envoy, Harald Braun, put it, would "reassure the world that Iran's nuclear programme served exclusively peaceful purposes". Painstakingly negotiated between Iran and the P5+1 group of world powers, the deal imposed an unprecedentedly intrusive and exhaustive inspection regime on Iran's nuclear activities in return for the lifting of international sanctions that had devastated the country's economy, and with it the livelihood of millions of ordinary Iranians. The world - save the usual trigger-happy statesmen in Tel Aviv, Riyadh and Washington - could finally breathe a sigh of relief that a futile and catastrophic confrontation with Iran, one that would have made Iraq and Afghanistan look like brag-worthy success stories, was averted. The tired and unattainable agenda of regime change was at long last relinquished in favour of cooperation with Iran to jointly tackle the metastasising threat posed by the Islamic State of Iraq and the Levant (ISIL, also known as ISIS) group.
So defused were tensions between Iran and the US that even the capture of American sailors in Iranian waters - which could once escalate into a fully-fledged diplomatic crisis of monumental proportions - could now be resolved over a phone call between US and Iranian officials. (Some might contrast this to the international fiasco that ensued after the 2007 arrest of UK sailors in Iranian waters.) Furthermore, this multilateral experiment had revived hope for other non-proliferation regimes to follow suit. If it worked with Iran, why can't it work with North Korea, Pakistan, or - dare we suggest - Israel? The cosmopolitan vision promoted by the JCPOA, as well as its import for global security, is reflected in the words of EU foreign policy chief Federica Mogherini, who described the deal as "a milestone for non-proliferation, making everyone more secure in the region, in Europe, and in the world … the deal now belongs to the entire international community - not only to us who were in that [negotiating] room".
But perhaps the most telling testament to the JCPOA's significance for global security was its enshrinement in a resolution unanimously adopted by all fifteen members of the UN Security Council, including the US.
That initial optimism, however, has since collided with a grim reality called Donald J. Trump. Having crammed US foreign policy into 140 angry characters, Trump is now expected to decertify the nuclear deal - not least after twice confirming Iran's compliance with the JCPOA. This, despite the fact that the UN body charged with monitoring its implementation has confirmed eight consecutive times that Iran has lived up to its end of the deal. Men of the most hawkish disposition have advised against abandoning the deal. Trump's defence secretary and chairman of the joint chiefs of staff - hardly doves - have voiced their support for the deal and affirmed Iran's compliance with it. In addition, the other parties to the agreement (Russia, China, Germany, France, UK, EU) have signalled their unwillingness to renegotiate a deal that has thus far proven a success.
To be sure, Trump's decertification will not automatically abrogate the deal. It will, however, relinquish the power to determine its fate to Congress. This means that 535 lawmakers, many of whom are deeply beholden to defence contractors, corporate donors and their own fleeting political ambitions, will retain the power to trigger a cascading chain of events with potentially irreversible and incalculable consequences, only one of which is a path of confrontation with Iran. Almost overnight, the US role in global security will devolve further from stakeholder to risk factor.
Since 1945, the will and word of US statesmen have either dictated or nullified the terms and conditions of global security. Regardless of whether the deal survives Congress or not, by undermining an important document of global security, Trump will have signalled to the world that the risks of intercourse with the US should inspire more fear than its threatening posture ever could.
Placing the nuclear deal on life support will lend further credence to the belief that covenants that enshrine the collective will of the international community may indeed be reduced to hollow shibboleths, and that it takes little more than a pathologically-sized ego equipped with modest mental resources to challenge the validity of agreed-upon safeguards against nuclear proliferation.
In the foreseeable future, the onus of proving good faith will rest squarely on the shoulders of US leaders.
Sources: http://www.politico.com/story/2017/09/24/iran-nuclear-deal-hacking-243059 http://www.aljazeera.com/indepth/opinion/trump-decision-iran-world-171013112645000.html