IN THE MEDIA

Iran-backed cyber attackers taking aim at Australia

Nov 23, 2018 | Oved Lobel

170921100726 Iran Cyber Group 780x439

The Australian – November 21, 2018



Australian shipbuilder and defence contractor Austal last month had a breach of its systems and a subsequent extortion attempt. 

The perpetrators have not been identified but sources say the attack emanated from the Middle East. The ABC reported that, according to the Australian Cyber Security Centre, an Iranian group was most likely responsible.

While Australia has yet to be targeted by more substantial Iranian cyber-attacks against infrastructure and financial institutions, like the US or Saudi Arabia, it has been the victim of several “independent” hacking groups that operate as fronts for the cybercrime of Iran’s Islamic Revolutionary Guards Corps and intelligence agencies.

One of these Iranian front groups, known as Cobalt Dickens, was reported recently to be behind attempts to hack into Australian universities and databases to steal secret research as part of a global operation targeting universities in almost every Australian city. According to Alex Tilley, a senior researcher at cyber­security firm SecureWorks, the pattern fits attacks by Cobalt Dickens.

A similar and far more expansive operation by the Mabna Institute, an IRGC front for stealing academic credentials and research, targeted up to 26 Australian universities between 2013 and last year. The US charged nine Iranians involved in the operation, claiming they stole more than 31 terabytes of data from about 150 universities and dozens of companies and government agencies in the US, and login credentials for thousands of academics from more than 300 academic institutions across 22 countries. The stolen data is valued in the billions of dollars.

News agency Reuters recently uncovered Iran’s ability to interfere in election processes. Like Russia, which has used organised networks of bots and trolls to try to influence elections in the US, Europe, and on a smaller level, Australia, Iran has been running influence operations via its International Union of Virtual Media for years.

Using dozens of websites, YouTube accounts and hundreds of social media profiles across multiple platforms, the IUVM laundered pro-Iran talking points through “alternative” media channels in at least 11 languages.

Facebook, Twitter and Google have been working to remove traces of the IUVM on their platforms. Google has built on the investigative work of cybersecurity firms FireEye and ClearSky to identify actors linked to the Islamic Republic of Iran Broadcasting amplifying Iranian propaganda.

As a vital member of the Five Eyes signals intelligence alliance and a strong partner of both the US and Israel, Australia should be prepared to also deal with the more dangerous end of Iran’s offensive cyber capacity.

Although China is Australia’s most immediate concern in cyberspace, Iran has the capabilities to pose a threat should it choose to do so. Former prime minister Malcolm Turnbull specifically cited Iranian attacks in his speech announcing the opening of a national cybersecurity centre in order to avoid a “perfect cyber storm”.

A recent investigation into the intelligence fiasco between 2009 and 2013 that ended in the murder of dozens of CIA informants and the roll-up of US intelligence networks in China, revealed the compromise actually began in Iran, and the two countries may have co-operated.

High-level officials from Russia, China and Iran were discussing cyber issues at the time, which some US intel officials believe was the beginnings of an anti-Five Eyes alliance between the three. Germany’s domestic intelligence agency, BfV, this year reported a sharp rise in Iranian cyber attacks against the country, putting Iran on the same level as China and Russia as the most persistent cyber threat. “Iran’s cyber activities have been the most consequential, costly and aggressive in the history of the internet, more so than Russia,” a former national intelligence manager for Iran at the US Office of the Director of National Intelligence said.

In 2013, hackers linked to Iran by the cybersecurity firm Cylance penetrated the networks of US power producer Calpine Corps and stole enough information to disrupt the energy grid and shut down power plants. Beginning in 2011, hackers working for two Iranian security companies launched co-ordinated attacks against the US financial system. One gained access to the server controlling a dam in New York. They didn’t take control of the dam but they did damage the computer systems. Iran was also suspected of cyber attacks against the Saudi oil giant Aramco between 2012 and this year. Australia also has troops stationed in Iraq and Afghanistan operating near Iranian proxies, whose cyber capabilities have also drastically increased with Iranian assistance, and who could be used to endanger Australians. Iran may be more commonly known for its sponsorship of terrorism and the illegal pursuit of nuclear weapons, but its expanding and destructive role as a potent cyber threat to the West must be addressed.

Oved Lobel is a policy analyst at the Australia/Israel & Jewish Affairs Council. 

Tags: ,

RELATED ARTICLES


Naftali Bennett (R), Yair Lapid (L) and former Israeli President Reuven Rivlin (credit:Haim Tzach / GPO)

AIJAC’s Ahron Shapiro and Ran Porat interviewed on Israeli political developments on ABC NewsRadio

Jun 22, 2022 | Featured, In the media
Former UN High Commissioner for Human Rights Navi Pillay (Image: UN Photo/Jean-Marc Ferré)

Israel and the UN: How the world’s only Jewish state has been scapegoated

Jun 17, 2022 | Featured, In the media
1 2

The Far-Right foreign fighter threat that wasn’t

Jun 16, 2022 | Featured, In the media
Image: AAP Image/Pool, Jason Edwards

Making sense of the new political landscape

May 27, 2022 | Featured, In the media
Image: Wikimedia Commons

University of Melbourne exposes BDS’s lies and extremism

May 18, 2022 | Featured, In the media
The Climate 200-funded candidates (clockwise from top left) Zoe Daniel, Andrew Wilkie, Kylea Tink and Allegra Spender

Climate of concern over independent candidates

May 12, 2022 | Featured, In the media

SIGN UP FOR AIJAC EMAILS

RECENT POSTS

India has historically had a distant relationship with Israel, but this has changed dramatically in recent years, as evidenced by the close relationship between former Israeli PM Netanyahu and Indian PM Modi (Image: Isranet)

Essay: Israel looks East

The struggle to succeed 86-year old PA President Mahmoud Abbas is consuming Palestinian politics (Image: Shutterstock)

Does Mahmoud Abbas finally have a successor?

Image: Shutterstock

Polls suggest yet another deadlocked election

The UN Human Rights Council in session (Image: US Mission/Eric Bridiers/Flickr)

Deconstruction Zone: A UN Commission’s war on Israel

(Credit: Shutterstock)

Noted and Quoted – July 2022

India has historically had a distant relationship with Israel, but this has changed dramatically in recent years, as evidenced by the close relationship between former Israeli PM Netanyahu and Indian PM Modi (Image: Isranet)

Essay: Israel looks East

The struggle to succeed 86-year old PA President Mahmoud Abbas is consuming Palestinian politics (Image: Shutterstock)

Does Mahmoud Abbas finally have a successor?

Image: Shutterstock

Polls suggest yet another deadlocked election

The UN Human Rights Council in session (Image: US Mission/Eric Bridiers/Flickr)

Deconstruction Zone: A UN Commission’s war on Israel

(Credit: Shutterstock)

Noted and Quoted – July 2022

SORT BY TOPICS