Should U.S. Banks Expect Cyberattacks from Iran?
From American Banker:
I would imagine that U.S. organizations that are critical to facilitating financial transactions, like consumer or commercial payments and trading activity, will be at the top of Iran’s hit list,” Al Pascual, co-founder and chief operating officer of Breach Clarity, says.
Just two weeks ago, the world was in what he described as “a relatively stable state of unrest.” Now, “it is hard to predict where things will go,” Kelly King, the chairman and CEO of Truist Financial, said in remarks to a business gathering in Durham, N.C. “You can only hope and pray things will not escalate.”
If they do attack, Joe Krull, senior analyst at Aite Group, expects Iranian hackers to opt for ransomware, rather than repeat the DDoS attacks of nearly a decade ago.
“Ransomware is the attack du jour right now,” he said. “Iran’s forte right now is malware that creates damage.”
Krull was involved in the remediation process for Iranian hackers’ Shamoon attack on Saudi Aramco in 2012.
“They literally had to take tens of thousands of computers and bury them in the sand because they were rendered useless,” he said.
Iranian hackers are good at cyberattacks, and by targeting financial institutions, “they can claim victory, but it doesn’t necessarily warrant a military response, so they can do it and get away with it as opposed to blowing up an American embassy,” he said. “If I were a chief information security officer for a bank or a financial services company, I would be updating my run books for incident response.”
In 2014, Iranian hackers launched a malware attack on computers at Las Vegas Sands, a casino and resort company led by Sheldon Adelson. The attack wiped out three quarters of the company’s Vegas-based servers, which cost it an estimated $40 million in equipment costs and data recovery.
Krull could envision this happening to a midsize bank.