Threat to US security from Iranian hackers expected to grow: Report

15 May 2014

The threat to US security from Iranian hackers is expected to grow as they transition from attacking the web sites of US companies to conducting spying activities, according to a report released on Wednesday.

According to the Silicon Valley cyber security company FireEye Inc, an Iranian hacking group known as the Ajax Security Team had been identified as the first to make their own malicious software, as part of a cyber espionage effort, Reuters reported.

The group had launched attacks on Iranians trying to get around the country's internet censors, as well as on US defence companies. Iranian hackers had also been blamed for the denial-of-service attacks on the online operations of US banks in recent years.

According to Michael Hayden, former director of the CIA and the National Security Agency, cyber warfare gave countries with inferior military capabilities a way to disrupt the security of other nations without launching missiles or invading.

"I've grown to fear a nation state that would never go toe-to-toe with us in conventional combat that now suddenly finds they can arrest our attention with cyber attacks," Hayden said at Monday's Reuters Cyber security Summit.

According to FireEye researcher Nart Villeneuve, Ajax's cyber activities acquired a more political colour in the wake of the Stuxnet virus attack on Iran's nuclear programme, believed to be the work of the US government.

FireEye said the Ajax Security Team stopped defacing web sites around December, but a network of computers it used had shown continued activity, distributing malware aimed at higher-value targets, International Business Times reported.

The security company recovered information on 77 people targeted by the group by analysing a command-and-control server used for the storage of stolen data. The victims mostly had their computers set to the Persian language and to Iran's time zone. FireEye said it also uncovered evidence that the group targeted US defence contractors.

There was no clear link between the group and the government of Iran, although the country had been expanding its offensive cyber capabilities, according to the report, authored by Nart Villeneuve, Ned Moran, Thoufique Haq and Mike Scott.

"While the objectives of this group are consistent with Iran's efforts at controlling political dissent and expanding offensive cyber capabilities, the relationship between this group and the Iranian government remains inconclusive," the report said.