Experts: Iran and North Korea are looming cyberthreats to U.S.

The two countries may lack some capabilities, but they have strong intentions to do harm, experts say
  • (IDG News Service)
  • — 20 March, 2013 21:29

Cyberattacks supposedly originating from China have raised alarms in recent weeks, but U.S. businesses and government agencies should worry as much about Iran and North Korea, a group of cybersecurity experts said.

China and Russia have significantly more sophisticated cyberthreat capabilities than do Iran and North Korea, but the two smaller countries are cause for concern in international cybersecurity discussions, the experts told a U.S. House of Representatives subcommittee Wednesday.

While China and Russia maintain active diplomatic ties with the U.S., which should discourage them from launching major attacks on the U.S., Iran and North Korea may be driven to attack the U.S. out of desperation to maintain their political regimes in the face of global isolation, said Frank Cilluffo, director of the Homeland Security Policy Institute and co-director of the Cyber Center for National and Economic Security at George Washington University.

Iran still lacks the capabilities of Russia and China, but it has been testing its cyberattack abilities in recent months, Cilluffo said. "The bad news is ... what they lack in capability, they more than make up for in intent," he said. "Whatever [capability] they don't have, they can turn to their proxies or buy or rent."

Iranian attackers can buy botnets that can disrupt U.S. businesses, he told the House Homeland Security Committee's cybersecurity subcommittee. Cybersecurity experts have pinned a series of denial-of-service attacks on U.S. banks early this year, and a 2012 attack on Saudi Arabia's national oil company, Aramco, on Iranian hackers.

North Korea is a "wild card," Cilluffo added. The country is actively seeking cyberattack capabilities, he said.

Hackers in China and Russia are largely focused on espionage and theft, but those two countries have less interest at the moment in damage-causing cyberattacks on the U.S., Cilluffo said. The capabilities of China and Russia make them advanced persistent threats, but "they have some modicum of responsibility and recognize that we can retaliate," he said.

Iran and North Korea are more unpredictable, witnesses at the hearing said. Iran seems to be focusing its cyberattack capabilities on retaliation against the U.S. and Israel if the two countries attempt to shut down its nuclear program, said Ilan Berman, vice president of the American Foreign Policy Council, a think tank. That focus makes Iran "particularly volatile," he said.

Iran's attack on Aramco in mid-2012, causing damage to 30,000 computers, was a warning to the U.S. and other countries about the country's growing capabilities, Berman said. Iran is "outlining how they would act in the event of a breakdown in relations," he said. The Aramco attack "can be seen as a signaling mechanism by which Iran is telegraphing to the international community" its plans to attack critical infrastructure if war breaks out.

Representative Mike McCaul, a Texas Republican, asked when cyberattacks cross the line into warfare. "At what point do we respond?" he said.

Berman said he couldn't answer that question. Instead, U.S. defense and intelligence officials need to make that decision, he said.

Cyberattackers are changing their tactics as large U.S. companies harden their defenses, said Richard Bejtlich, CSO at security vendor Mandiant, which recently pinned responsibility for several espionage campaigns on a Chinese government cyberunit. Attackers are often targeting smaller companies that partner with large organizations, and then working their way in to the larger target, he said.

The attacks are often successful because "there's an imbalance between offense and defense," Bejtlich added. "A single attacker or group of attackers can keep hundreds or thousands of defenders busy."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Topics: Frank Cilluffo, Homeland Security Policy Institute, Mike McCaul, security, Ilan Berman, George Washington University, Richard Bejtlich, Mandiant, government, Aramco, American Foreign Policy Council
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?