US struck Iranian military computers this week: AP sources
Washington: US military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iran's downing of a US surveillance drone, US officials have said.
Two officials told The Associated Press on Saturday that the strikes were conducted with approval from Trump. A third official confirmed the broad outlines of the strike. All spoke on condition of anonymity because they were not authorized to speak publicly about the operation.
The cyberattacks a contingency plan developed over weeks amid escalating tensions disabled Iranian computer systems that controlled its rocket and missile launchers, the officials said.
Two of the officials said the attacks, which specifically targeted Iran's Islamic Revolutionary Guard Corps computer system, were provided as options after Iranian forces blew up two oil tankers earlier this month.
The IRGC, which was designated a foreign terrorist group by the Trump administration earlier this year, is a branch of the Iranian military.
The action by US Cyber Command was a demonstration of the US' increasingly mature cyber military capabilities and its more aggressive cyber strategy under the Trump administration. Over the last year US officials have focused on persistently engaging with adversaries in cyberspace and undertaking more offensive operations.
There was no immediate reaction Sunday morning in Iran to the US claims. Iran has hardened and disconnected much of its infrastructure from the internet after the Stuxnet computer virus, widely believed to be a joint US-Israeli creation, disrupted thousands of Iranian centrifuges in the late 2000s.
Tensions have escalated between the two countries ever since the US withdrew last year from the 2015 nuclear deal with Iran and began a policy of "maximum pressure."
Iran has since been hit by multiple rounds of sanctions. Tensions spiked this past week after Iran shot down an unmanned US drone - an incident that nearly led to a US military strike against Iran on Thursday evening.
The cyberattacks are the latest chapter in the US and Iran's ongoing cyber operations targeting the other. Yahoo News first reported the cyber strike.
In recent weeks, hackers believed to be working for the Iranian government have targeted US government agencies, as well as sectors of the economy, including finance, oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity. This new campaign appears to have started shortly after the Trump administration imposed sanctions on the Iranian petrochemical sector this month.
It was not known if any of the hackers managed to gain access to the targeted networks with the emails, which typically mimic legitimate emails but contain malicious software.
Tensions have run high between the two countries since the US withdrew from the 2015 nuclear deal with Iran last year and began a policy of "maximum pressure." Iran has since been hit by multiple rounds of sanctions. Then Iran shot down an unmanned US drone this week.
"Both sides are desperate to know what the other side is thinking," said John Hultquist, director of intelligence analysis at FireEye. "You can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about what's going to happen next, about what the US' next move will be." CrowdStrike shared images of the spear-phishing emails with the AP.
One such email that was confirmed by FireEye appeared to come from the Executive Office of the President and seemed to be trying to recruit people for an economic adviser position. Another email was more generic and appeared to include details on updating Microsoft Outlook's global address book.
The Iranian actor involved in the cyberattack, dubbed "Refined Kitten" by CrowdStrike, has for years targeted the US energy and defense sectors, as well as allies such as Saudi Arabia and the United Arab Emirates, said Adam Meyers, vice president of intelligence at CrowdStrike.
The Department of Homeland Security said in a statement released Saturday that its agency tasked with infrastructure security has been aware of a recent rise in malicious cyber activities directed at US government agencies by Iranian regime actors and proxies.
Cybersecurity and Infrastructure Security Agency Director Christopher C. Krebs said the agency has been working with the intelligence community and cybersecurity partners to monitor Iranian cyber activity and ensure the US and its allies are safe.
The National Security Agency would not discuss Iranian cyber actions specifically, but said in a statement to the AP on Friday that "there have been serious issues with malicious Iranian cyber actions in the past."
"In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place," the NSA said.
Iran has long targeted the US oil and gas sectors and other critical infrastructure, but those efforts dropped significantly after the nuclear agreement was signed. After Trump withdrew the US from the deal in May 2018, cyber experts said they have seen an increase in Iranian hacking efforts.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
India asks its nationals in Iran to leave by available means
New Delhi (PTI): India on Wednesday asked all its nationals residing in Iran to leave by available means and avoid any travel to the country as tensions mounted over possible military intervention by the US over Tehran's crackdown on nationwide protests that killed over 2,500 people.
In a fresh advisory, the Indian embassy in Tehran urged all Indians, including students, pilgrims, business persons and tourists, to leave Iran by available means of transport, including commercial flights.
According to estimates, a little over 10,000 Indians, including students, are currently living in Iran.
The mission also urged all Indian citizens and PIOs (Persons of Indian Origin) to exercise due caution, avoid areas of protests or demonstrations and stay in contact with the embassy.
It also urged the Indian nationals to have their travel and immigration documents, including passports, readily available. Indians living in Iran on resident visas were also advised to register with the embassy.
In case any Indian national is unable to register due to internet disruptions in Iran, their families in India are requested to do so, the mission said.
"In view of the evolving situation in Iran, Indian nationals who are currently in Iran (students, pilgrims, business persons and tourists) are advised to leave Iran by available means of transport, including commercial flights," the embassy said.
India's advisory came amid rising tensions in Iran and the region after Trump indicated military action if Tehran continues its crackdown on the protesters.
"If they hang them, you're going to see some things... We will take very strong action if they do such a thing," the US president told CBS News.
In a message to the protesters, Trump said on Tuesday that "help is on the way". The US president has already announced a 25 per cent tariff on countries having trade with Tehran.
The protests began late last month in Tehran after the Iranian currency rial plunged to record lows. The protests have since spread to all 31 provinces, evolving from an agitation against economic woes to a demand for political change.
Separately, the Ministry of External Affairs (MEA) advised Indians to avoid travelling to Iran.
In view of the ongoing developments in Iran, Indian nationals are once again strongly advised to avoid travel to the Islamic Republic of Iran until further notice, it said.
In a previous advisory issued on January 5, the MEA urged its nationals to avoid non-essential travel to Iran.
It had also asked Indian citizens and PIOs residing in Iran to exercise due caution and avoid visiting areas of protests.
The overall situation in Iran in the last few days has deteriorated dramatically as the death toll from the nationwide protests has increased to over 2,500, according to US-based Human Rights Activists News Agency (HRANA).
