Following the death of Qassem Soleimani, the commander of the Iranian Islamic Revolutionary Guard Corps’ Quds Force, the New York Department of Financial Services (DFS) has issued a statement warning financial institutions of the heightened risk of cyber attacks from hackers affiliated with the Iranian government.
In a letter circulated to all regulated entities, the New York DFS warned of possible retaliation against the United States after Soleimani’s death. “Given Iranian capabilities and history, U.S. entities should prepare for the possibility of cyber attacks.”
The Department of Financial Services, created in October 2011 to regulate a broader array of financial products and services, strongly recommended increased vigilance for financial service companies, although no specific threats or reports of Iran-sponsored cyber attacks were cited.
Iranian Hacking History
Iran has a well-documented history of being behind cyber attacks against the US financial services industry. In 2012 and 2013, Iranian-sponsored hackers launched distributed denial of service (DDoS) attacks against a number of major U.S. banks. Although the attacks emanating from Iran inflicted only modest damage, the then Defence Secretary Leon E. Panetta warned that the United States was at risk of a “cyber-Pearl Harbor.”
The websites of major U.S. banks and financial institutions, including Bank of America, the New York Stock Exchange, and NASDAQ, suffered disruptions from cyber attacks traced back to Iran.
As recently as June 2019, as an Iran-US confrontation dominated geopolitical events and headlines, the US government noted that hackers from Iran were increasingly using highly destructive attacks that delete or encrypt data, warning of a “recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies.”
Historically, Iran has relied primarily on common and unsophisticated hacking tactics such as email phishing, password spraying, credential stuffing, and targeting unpatched devices. Financial institutions were also reminded of the need for extra vigilance on nights and weekends, when hackers are known to prefer attacking.