IN THE MEDIA

Iran-backed cyber attackers taking aim at Australia

Nov 23, 2018 | Oved Lobel

170921100726 Iran Cyber Group 780x439

The Australian – November 21, 2018



Australian shipbuilder and defence contractor Austal last month had a breach of its systems and a subsequent extortion attempt. 

The perpetrators have not been identified but sources say the attack emanated from the Middle East. The ABC reported that, according to the Australian Cyber Security Centre, an Iranian group was most likely responsible.

While Australia has yet to be targeted by more substantial Iranian cyber-attacks against infrastructure and financial institutions, like the US or Saudi Arabia, it has been the victim of several “independent” hacking groups that operate as fronts for the cybercrime of Iran’s Islamic Revolutionary Guards Corps and intelligence agencies.

One of these Iranian front groups, known as Cobalt Dickens, was reported recently to be behind attempts to hack into Australian universities and databases to steal secret research as part of a global operation targeting universities in almost every Australian city. According to Alex Tilley, a senior researcher at cyber­security firm SecureWorks, the pattern fits attacks by Cobalt Dickens.

A similar and far more expansive operation by the Mabna Institute, an IRGC front for stealing academic credentials and research, targeted up to 26 Australian universities between 2013 and last year. The US charged nine Iranians involved in the operation, claiming they stole more than 31 terabytes of data from about 150 universities and dozens of companies and government agencies in the US, and login credentials for thousands of academics from more than 300 academic institutions across 22 countries. The stolen data is valued in the billions of dollars.

News agency Reuters recently uncovered Iran’s ability to interfere in election processes. Like Russia, which has used organised networks of bots and trolls to try to influence elections in the US, Europe, and on a smaller level, Australia, Iran has been running influence operations via its International Union of Virtual Media for years.

Using dozens of websites, YouTube accounts and hundreds of social media profiles across multiple platforms, the IUVM laundered pro-Iran talking points through “alternative” media channels in at least 11 languages.

Facebook, Twitter and Google have been working to remove traces of the IUVM on their platforms. Google has built on the investigative work of cybersecurity firms FireEye and ClearSky to identify actors linked to the Islamic Republic of Iran Broadcasting amplifying Iranian propaganda.

As a vital member of the Five Eyes signals intelligence alliance and a strong partner of both the US and Israel, Australia should be prepared to also deal with the more dangerous end of Iran’s offensive cyber capacity.

Although China is Australia’s most immediate concern in cyberspace, Iran has the capabilities to pose a threat should it choose to do so. Former prime minister Malcolm Turnbull specifically cited Iranian attacks in his speech announcing the opening of a national cybersecurity centre in order to avoid a “perfect cyber storm”.

A recent investigation into the intelligence fiasco between 2009 and 2013 that ended in the murder of dozens of CIA informants and the roll-up of US intelligence networks in China, revealed the compromise actually began in Iran, and the two countries may have co-operated.

High-level officials from Russia, China and Iran were discussing cyber issues at the time, which some US intel officials believe was the beginnings of an anti-Five Eyes alliance between the three. Germany’s domestic intelligence agency, BfV, this year reported a sharp rise in Iranian cyber attacks against the country, putting Iran on the same level as China and Russia as the most persistent cyber threat. “Iran’s cyber activities have been the most consequential, costly and aggressive in the history of the internet, more so than Russia,” a former national intelligence manager for Iran at the US Office of the Director of National Intelligence said.

In 2013, hackers linked to Iran by the cybersecurity firm Cylance penetrated the networks of US power producer Calpine Corps and stole enough information to disrupt the energy grid and shut down power plants. Beginning in 2011, hackers working for two Iranian security companies launched co-ordinated attacks against the US financial system. One gained access to the server controlling a dam in New York. They didn’t take control of the dam but they did damage the computer systems. Iran was also suspected of cyber attacks against the Saudi oil giant Aramco between 2012 and this year. Australia also has troops stationed in Iraq and Afghanistan operating near Iranian proxies, whose cyber capabilities have also drastically increased with Iranian assistance, and who could be used to endanger Australians. Iran may be more commonly known for its sponsorship of terrorism and the illegal pursuit of nuclear weapons, but its expanding and destructive role as a potent cyber threat to the West must be addressed.

Oved Lobel is a policy analyst at the Australia/Israel & Jewish Affairs Council. 

Tags: ,

RELATED ARTICLES


A room in Herod the Great's palace near Jericho (image: Flickr/Ian Scott)

Is UNESCO Going to Erase Jewish History From Another Israeli City?

Sep 11, 2023 | Featured, Fresh AIR, In the media
Iran Protests (52383779726)

Australia must do more about Iran

Aug 25, 2023 | Featured, Fresh AIR, In the media
Image: Shutterstock

Australia’s government has taken an anti-Israel stance

Aug 16, 2023 | Featured, In the media
Image: Shutterstock

Labor’s Israel shift is a blow to peace and our credibility

Aug 15, 2023 | Featured, In the media
Image: Shutterstock

Ill-conceived posturing on Palestine is undermining Australia’s reputation as a trusted peace broker

Aug 14, 2023 | Featured, In the media
Israel and Palestinian territory divided by the security wall (Image: Shutterstock)

Australia’s Middle East decision ill-conceived

Aug 10, 2023 | Featured, In the media

SIGN UP FOR AIJAC EMAILS

RECENT POSTS

Israeli tanks in the Sinai Desert, 1973 (Image: Public domain)

From 1973 to Israel’s next war

Image001

The Last Word: Jeremy Jones – In Memoriam

Clinton appreciated Netanyahu’s political skills, but the two were divided over some key policy issues, leading to a tense relationship (Image: Shutterstock)

Essay: Bibi’s seven presidents

Destined to be an iconic landmark: The new National Library of Israel (Image: Herzog & De Meuron/ National Library of Israel/ Twitter)

Biblio File: Unique monument for the “People of the Book”

Hezbollah leader Hassan Nasrallah (Image: Shutterstock)

Deconstruction Zone: US outreach vs. Iranian aggression

Israeli tanks in the Sinai Desert, 1973 (Image: Public domain)

From 1973 to Israel’s next war

Image001

The Last Word: Jeremy Jones – In Memoriam

Clinton appreciated Netanyahu’s political skills, but the two were divided over some key policy issues, leading to a tense relationship (Image: Shutterstock)

Essay: Bibi’s seven presidents

Destined to be an iconic landmark: The new National Library of Israel (Image: Herzog & De Meuron/ National Library of Israel/ Twitter)

Biblio File: Unique monument for the “People of the Book”

Hezbollah leader Hassan Nasrallah (Image: Shutterstock)

Deconstruction Zone: US outreach vs. Iranian aggression

SORT BY TOPICS