IN THE MEDIA

Iran-backed cyber attackers taking aim at Australia

Nov 23, 2018 | Oved Lobel

170921100726 Iran Cyber Group 780x439

The Australian – November 21, 2018



Australian shipbuilder and defence contractor Austal last month had a breach of its systems and a subsequent extortion attempt. 

The perpetrators have not been identified but sources say the attack emanated from the Middle East. The ABC reported that, according to the Australian Cyber Security Centre, an Iranian group was most likely responsible.

While Australia has yet to be targeted by more substantial Iranian cyber-attacks against infrastructure and financial institutions, like the US or Saudi Arabia, it has been the victim of several “independent” hacking groups that operate as fronts for the cybercrime of Iran’s Islamic Revolutionary Guards Corps and intelligence agencies.

One of these Iranian front groups, known as Cobalt Dickens, was reported recently to be behind attempts to hack into Australian universities and databases to steal secret research as part of a global operation targeting universities in almost every Australian city. According to Alex Tilley, a senior researcher at cyber­security firm SecureWorks, the pattern fits attacks by Cobalt Dickens.

A similar and far more expansive operation by the Mabna Institute, an IRGC front for stealing academic credentials and research, targeted up to 26 Australian universities between 2013 and last year. The US charged nine Iranians involved in the operation, claiming they stole more than 31 terabytes of data from about 150 universities and dozens of companies and government agencies in the US, and login credentials for thousands of academics from more than 300 academic institutions across 22 countries. The stolen data is valued in the billions of dollars.

News agency Reuters recently uncovered Iran’s ability to interfere in election processes. Like Russia, which has used organised networks of bots and trolls to try to influence elections in the US, Europe, and on a smaller level, Australia, Iran has been running influence operations via its International Union of Virtual Media for years.

Using dozens of websites, YouTube accounts and hundreds of social media profiles across multiple platforms, the IUVM laundered pro-Iran talking points through “alternative” media channels in at least 11 languages.

Facebook, Twitter and Google have been working to remove traces of the IUVM on their platforms. Google has built on the investigative work of cybersecurity firms FireEye and ClearSky to identify actors linked to the Islamic Republic of Iran Broadcasting amplifying Iranian propaganda.

As a vital member of the Five Eyes signals intelligence alliance and a strong partner of both the US and Israel, Australia should be prepared to also deal with the more dangerous end of Iran’s offensive cyber capacity.

Although China is Australia’s most immediate concern in cyberspace, Iran has the capabilities to pose a threat should it choose to do so. Former prime minister Malcolm Turnbull specifically cited Iranian attacks in his speech announcing the opening of a national cybersecurity centre in order to avoid a “perfect cyber storm”.

A recent investigation into the intelligence fiasco between 2009 and 2013 that ended in the murder of dozens of CIA informants and the roll-up of US intelligence networks in China, revealed the compromise actually began in Iran, and the two countries may have co-operated.

High-level officials from Russia, China and Iran were discussing cyber issues at the time, which some US intel officials believe was the beginnings of an anti-Five Eyes alliance between the three. Germany’s domestic intelligence agency, BfV, this year reported a sharp rise in Iranian cyber attacks against the country, putting Iran on the same level as China and Russia as the most persistent cyber threat. “Iran’s cyber activities have been the most consequential, costly and aggressive in the history of the internet, more so than Russia,” a former national intelligence manager for Iran at the US Office of the Director of National Intelligence said.

In 2013, hackers linked to Iran by the cybersecurity firm Cylance penetrated the networks of US power producer Calpine Corps and stole enough information to disrupt the energy grid and shut down power plants. Beginning in 2011, hackers working for two Iranian security companies launched co-ordinated attacks against the US financial system. One gained access to the server controlling a dam in New York. They didn’t take control of the dam but they did damage the computer systems. Iran was also suspected of cyber attacks against the Saudi oil giant Aramco between 2012 and this year. Australia also has troops stationed in Iraq and Afghanistan operating near Iranian proxies, whose cyber capabilities have also drastically increased with Iranian assistance, and who could be used to endanger Australians. Iran may be more commonly known for its sponsorship of terrorism and the illegal pursuit of nuclear weapons, but its expanding and destructive role as a potent cyber threat to the West must be addressed.

Oved Lobel is a policy analyst at the Australia/Israel & Jewish Affairs Council. 

Tags: ,

RELATED ARTICLES


putin1609

Russia’s quest to make itself indispensable in the Middle East

Sep 17, 2020 | Featured, Fresh AIR, In the media
IMG-20200916-WA0026

Bahrain and the United Arab Emirates fully normalise relations with Israel – ABC Radio interview

Sep 16, 2020 | In the media
14IN-ISRAEL-GULFUSA

Bridging the gulf to peace

Sep 15, 2020 | Featured, In the media
Israeli Prime Minister Benjamin Netanyahu announces full diplomatic ties will be established with the United Arab Emirates. CREDIT: EPA

Deals between Israel, UAE and Bahrain shatter old barriers

Sep 15, 2020 | Featured, In the media
V3imagesbin2fe551f16a655e182c4fbe63f7c0855b Q7vdwm0ft601kpslmt2 T1880

Australia must do more to get Melbourne academic Kylie Moore-Gilbert out of Iranian prison

Aug 25, 2020 | Featured, In the media
Yuval Rotem

Senior Israeli diplomat Yuval Rotem explains UAE triumph to AIJAC webinar

Aug 21, 2020 | Featured, In the media

SIGN UP FOR AIJAC EMAILS

RECENT POSTS

leifer

AIJAC welcomes decision to extradite Malka Leifer

Israel's representative at the UN ECOSOC this week.

AIJAC welcomes Australia’s UN ECOSOC stance

1024px-Israel_Jordan_valley

Jordan Valley tale is all wet

Yasser Abu Hilala, former head of Al Jazeera

Former Al-Jazeera chief compiles “blacklist” of journalists who support Israel-UAE and Israel-Bahrain deal

putin1609

Russia’s quest to make itself indispensable in the Middle East

leifer

AIJAC welcomes decision to extradite Malka Leifer

Israel's representative at the UN ECOSOC this week.

AIJAC welcomes Australia’s UN ECOSOC stance

1024px-Israel_Jordan_valley

Jordan Valley tale is all wet

Yasser Abu Hilala, former head of Al Jazeera

Former Al-Jazeera chief compiles “blacklist” of journalists who support Israel-UAE and Israel-Bahrain deal

putin1609

Russia’s quest to make itself indispensable in the Middle East

SORT BY TOPICS