Canada silent on potential threat of Iranian hackers

Suspicious phishing email campaigns reportedly emanated from Iran after Trump signalled end to nuclear deal

Canada is staying mum on the prospect of Iranian state hackers attacking targets in the country, even as the US withdrawal from the Iran Nuclear Deal sparks fears of fresh cyberattacks from Tehran.

According to The New York Times, notable cybersecurity firms noticed suspicious phishing email campaigns emanating out of Iran after President Trump signalled the US would abandon the deal. The campaigns targeted telecommunications companies and western diplomats.

And past Iranian cyber attacks prove Canada isn’t immune to those operations.

In March, the Communications Security Establishment — Canada’s version of the NSA — confirmed that Canadian computer networks were subject to attacks by Iranian state hackers.

Years before that, Canadian authorities admitted in 2015 to an intrusion by Iranian hackers on a government network following a VICE News investigation.

When asked to expand on these recent incidents and the potential for new Iranian campaigns, the government was mum. The CSE wouldn’t provide its analysis of the March revelations and Public Safety offered few details.

“The Government is committed to defending Canada's cyber security and protecting and advancing our national security and economic interests, and strongly opposes the use of cyberspace for reckless and destructive criminal activities,” said Jean-Philippe Levert, a spokesperson for Public Safety.

To maintain the privacy of affected institutions, Levert said the department “does not comment on whether reports have been received on specific incidents, or the details of those reports, nor does it comment on specific threat actors.”

According to the CSE, the recent attackers originated from the “Mabna Institute,” a hacking outfit based in Tehran working in the employ of the Islamic Revolutionary Guard Corps, an elite branch of the Iranian military.

Part of a global campaign on western targets, the hackers went after intellectual property and intelligence, stealing 31 terabytes of documents and materials. The US Department of Justice indicted nine Iranian nationals for the cyberattacks and pointed the finger directly at Iranian security agencies.

Other attacks linked to Iran show the Middle Eastern power isn’t opposed to targeting the critical infrastructure of its enemies. Two attacks on Saudi Arabia’s state oil company, Saudi Aramco, were heavily linked to Iran, illustrating its interest in attacking physical targets using computer infiltration.

One of those operations involved the deployment of malware to take out a security system specifically designed to prevent disasters at an industrial facility. Ultimately, the attack was a failure, but it highlighted Iran’s willingness to use destructive malware on the critical infrastructure of a nation state.

The Canadian Cyber Incident Response Centre (CCIRC), the federal agency tracking cyber threats and attacks against the public and private sectors, has tracked a number of these types of attacks by potential nation states on Canadian critical infrastructure to date.