stages®, Cybersecurity, and Iran

As our cyber threat environment evolves, our cybersecurity posture becomes ever more relevant. This is why SecurityIntelligence, powered by stages®, is your best 2020 resolution.

Let’s start with the latest evolution of the international cyber threat.

In 2019, the evolution was ever so slight, given a trade war truce with China late in the year. While the agreement did not include any concessions from Beijing on cyber theft, relations between the US and China are on the right trajectory to eventually realize that goal.[1] Other state-sponsored hacking organizations continued operations apace while trends in specific attack methods followed a generally unchanged glide path. While ransomware and major breaches continued to make headlines, the only possible departure is seen in a US-China détente.

2020’s evolution was far greater.

Amid attacks against the US embassy in Baghdad, Iraq, paratroopers from the 82nd Airborne Division were deployed on Dec. 31, 2019, to Kuwait. Days later, Qassim Soleimani, Iran’s top general and leader of Tehran’s proxy wars, was killed by US forces in a targeted drone attack outside Baghdad International Airport.[2]

We’re betting Tehran will retaliate through several vectors, especially in cyberspace.

As these international tensions unfold, the event monitoring industry quickly evolves alongside other emerging developments in the wider tech sector. In this environment, the threat that looms ever larger year after year continues to be cyber crime. For an industry that lives and dies by the integrity of its connections, cyber threat actors (both criminals and state-sponsored hackers) are among the most relevant menaces we face.

Fredrik Nillson, Vice President of the Americas at Axis Communications, sums it up in an early 2019 interview:

“Cybersecurity will continue to plague the security industry. Any solution that relies on the Internet is vulnerable to attack. Every cyber tool improvement presents an irresistible challenge to hackers. We’re seeing more state-sanctioned and organized cybercrime. It’s a perpetual race to keep up.”[3]

Industry Experts’ Thoughts on Cybersecurity

Nillson’s sentiments are amplified by industry experts in interviews that took place prior to the killing of Soleimani:

“As the industry keeps growing at such a rapid rate with modern technologies that all ride either wirelessly or tethered to the Internet, the need for cybersecurity protection and education of professionals and consumers is increasing. Many professionals and even more consumers still don’t realize how vulnerable they are and how their vulnerability increases as they continue to expand a variety of technological elements within their homes and businesses.” -Peter Giacalone (Giacalone Associates)[4]

“Cybersecurity. A never-ending challenge for businesses of all sizes. Attacks continue to escalate. Constant vigilance, education and awareness are required as attack methods morph and grow in sophistication.” -Don Young (The Monitoring Association)[5]

“Access control equipment remains vulnerable to cyberattacks, and cybersecurity risks have increased significantly in recent years as more vendors have transitioned to selling connected and IoT-enabled equipment.” -Blake Kozak (IHS Markit)[6]

“Cybersecurity is a daily threat in any industry, but ransomware took on a new life, victimizing municipalities, higher education, SMBs and more.” -Bill Bozeman (PSA Security Network)[7]

Cybersecurity concerns are amplified further still in the face of Soleimani’s death:

“The country has spent years building the capability to execute not only the mass-destruction of computers but potentially more advanced—albeit far less likely—attacks on Western critical infrastructure like power grids and water systems.” -Andy Greenberg (WIRED)[8]

“Iran will go for targets that create headlines—health, financial services, social media.” -Zak Doffman (Forbes)[9]

Final Thoughts on Cybersecurity

Here’s hoping this short compendium of expert quotes shed light on the year’s newest cybersecurity threat. The consensus seems to be that although Iran has demonstrated the ability to target US critical infrastructure and industrial control systems, we shouldn’t expect any such response in light of the overwhelming US ability to retaliate. To avoid a devastating response, Iran will aim more to damage companies and reputations.

Interested in learning more about how SecurityIntelligence, powered by stages®, can protect your business? Contact us at (800) 255-BOLD for a free analysis of your cybersecurity posture.

[1] A U.S.-China Trade Detente – WSJ 2019.
[2] Abdul-Zahra 2020.
[3] Straight From the Experts: Security’s Most Pressing Issues – Security Sales & Integration 2019.
[4] Experts Predict Top 5 Challenges Facing the Security Industry in 2020 – Security Sales & Integration 2019.
[5] Ibid.
[6] Ibid.
[7] Ibid.
[8] Greenberg 2020.
[9] Doffman 2020.

Sources:
Abdul-Zahra, Qassim. 2020. US kills Iran’s most powerful general in Baghdad airstrike. Associated Press. Available at https://apnews.com/5597ff0f046a67805cc233d5933a53ed. Accessed 7 January 2020.

Doffman, Zak. 2020. Suleimani ‘Revenge’—This Is Why Iran’s Most Dangerous Cyber Weapons Will Stay Hidden. Forbes. Available at https://www.forbes.com/sites/zakdoffman/2020/01/04/soleimani-revenge-this-is-why-irans-most-dangerous-cyber-weapons-will-stay-hidden/. Accessed 7 January 2020.

Greenberg, Andy. 2020. How Iran’s Hackers Might Strike Back After Soleimani’s Assassination | WIRED. WIRED. Available at https://www.wired.com/story/iran-soleimani-cyberattack-hackers/. Accessed 7 January 2020.

2019. A U.S.-China Trade Detente – WSJ. The Wall Street Journal, sec. Review & Outlook. Available at https://www.wsj.com/articles/a-u-s-china-trade-detente-11576281779. Accessed 7 January 2020.

2019. Experts Predict Top 5 Challenges Facing the Security Industry in 2020 – Security Sales & Integration. Security Sales & Integration. Available at https://www.securitysales.com/news/5-challenges-security-industry-2020/. Accessed 7 January 2020.

2019. Straight From the Experts: Security’s Most Pressing Issues – Security Sales & Integration. Security Sales & Integration. Available at https://www.securitysales.com/business/security-pressing-issues/. Accessed 7 January 2020.