mohammed jahromi
Home US/World

Cyber attacks in Iran

By Rachel Brooks

Contributor | Telegraph Local 

See The New African Living Standard 

Pictured above is Mohammad Jahromi

Iran has defused the second cyberattack in under a week, citing Al Jazeera. The attack has been called an intelligence-seeking attack, “aimed at spying on government intelligence” The New York Times stated that this attack was a mass-scale attack. It followed on the heels on an attack that compromised the network of 15 million Iranian bank accounts. This information was stolen and published online which followed widespread street protests. 

Greta Thunberg is Time’s Person of the Year

The minister of Iran’s telecommunication, Mohammad Javad Azari Jahromi, spoke with the New York Times regarding the nature of this current attack. Jahromi had originally negated the insider-intelligence of the bank accounts leak. Jahromi is calling the new rash of attacks a state-sponsored attack but did not choose to elaborate. Mr. Jahromi stated that the state would release details as they are sorted through. Jahromi spoke with reporters in Tehran on Wednesday. He is quoted as saying, “it was a very big attack.” 

Today on The News 247 YouTube

The Jerusalem Post shed some light on the current situation. JP states that the Islamic Republic’s security shield called Dezhfa, blocked two other cyber attacks this week. This means that there is a total of three cyberattacks reported this week total. 

The current investigation is on foreign malware that hit government servers. Jahromi was quoted by Jerusalem Post as saying, “an organized cyberattack against Iran’s E-government infrastructures was identified and repelled by the security shield.” 

This infers that Dezhfa stopped the spread of the hostile attack before it reached critical levels. The source for this report is the Iranian Far News Agency.

Jahromi also referenced the attack as an APT27 aimed at obtaining information. APT27 is a Chinese language entity that has been involved in multiple attack campaigns in Central Asia. It has been used against government entities, sourced from Kaspersky, which is a major cybersecurity provider brand.

Jahromi also has no current intelligence regarding which nation-state actor launched the attacks. 

Jahromi also has no current intelligence regarding which nation-state actor launched the attacks. 

The bank attacks were said to have come from a disgruntled government contractor. The attacks targeted the three major banking networks_ Mellat, Tejarat, and Sarmayeh. The three banks have all been under the US sanctions of the current administration for the last year. These banks have been accused of laundering money to Iran’s Islamic Revolutionary Guards Corps. 

Toni-Ann Singh wins Miss World 2019

The pool of possible attackers has become somewhat limited as, further citing Jerusalem Post, Iran has been on a campaign to block thousands of sites from the public use. This includes Facebook, Twitter, and other social media providers. If these are accessed in Iran, then it is likely the user is on a VPN network and a proxy server that bypasses the government’s sanction.

In response, the Iranian government is planning a nationwide intranet that will limit the use and need for access to foreign networks.

While some digital newspapers cite Israel as the source of this attack, there are no reports to confirm this from the Iranian ministry. The Iranian minister cites a Chinese-language entity conducted the attack. This gives the possibility that the attack launched from somewhere in Central Asia, but that has not been confirmed either.

Leave a Reply