What to Make of U.S. Cyber Activities in Iran by Mark Pomerleau and Andrew Eversden - Fifth Domain
After the Islamic Republic of Iran shot down an RQ-4 Global Hawk drone June 20, President Donald Trump opted against physical military strikes as retaliation. Instead, multiple news organizations reported the U.S. military quietly conducted cyber operations that targeted computer systems that control Iranian missiles launches and an intelligence organization associated with the Iranian Revolutionary Guard Corps.
Representatives from two cyber threat intelligence firms told Fifth Domain June 24 that they were aware Iran had conducted highly-customized spearphishing campaigns. In some cases, experts said, the attacks included what’s known as a lure document to entice victims to click and inadvertently install malware. U.S. government agencies were among the targets of the attacks.
In addition, experts said that the operation signals U.S. government leaders are becoming increasingly comfortable with cyberwarfare as a tool in the arsenal and, in some cases, now view cyber operations as a half-step removed from a kinetic conflict…