In late June, 2019, the Department of Homeland Security (DHS) warned US companies of increased malicious cyber-activity, or hacking, from Iranian Hackers.
DHS also urged US companies to do everything they can now to protect against some of the hackers’ most common hacking practices, such as data-wiping malware, password spraying, spear phishing, and credential stuffing.
What are these common hacking practices?
Data-wiping malware is just like it sounds. It deletes data on compromised systems, but the purpose is usually to prevent forensic analysis. In 2012, Iran utilized this malware scheme to attack major oil companies in Saudi Arabia and Qatar. The companies were forced to stop oil production temporarily, triggering significant financial losses.
Password Spraying is an attack that mimics brute force attacks. The hacker will take a commonly used password (example: the people who use “password” as their password) and see how many accounts they can access with it while coming through in the internet.
Spear phishing is a type of social engineering attack where the hacker will send a detailed specific email to someone in an organization attempting to gather information (example: An email that comes from the CEO to the head of HR asking for social security numbers)
Credential stuffing is simply a hacker taking known information like usernames and passwords that have been leaked on third-party sites. They will use this information to gain access to accounts that are being targeting. This is considered targeting password reuse (example: people who use same password for multiple accounts such as Banking, email, Amazon, and Facebook).
What does this mean for the United States?
With the United States now working against Iran, it is likely that U.S. companies will now become targets. Iranian hackers have successfully gone after energy companies in the past and MainNerve is sure all U.S. industries will be easy targets. Please take these warnings very seriously. Not only are we attempting to keep U.S., Chinese, and Russian hackers at bay, now we have gained notoriety for Iranian hackers to be placed in the queue.
If you would like to see how your employees react to spear phishing in a controlled way, you can purchase one of our social engineering tests. We can provide information on who might need a little extra training.