This article is more than 1 year old

Iran is doing to our networks what it did to our spy drone, claims Uncle Sam: Now they're bombing our hard drives

Tehran's hackers are 'wiping' infected machines as tensions spike, fresh sanctions approved

Hackers operating on behalf of the Iranian government have turned destructive, the US Department of Homeland Security has claimed.

A statement issued over the weekend by Cybersecurity and Infrastructure Security Agency (CISA) director Christopher Krebs describes how Tehran-backed miscreants have gone from simply attempting to harvest blueprints, sensitive data, and account credentials from American systems, to actively working to wipe clean Uncle Sam's PCs, servers, and network infrastructure in their wake.

The attackers are, it is claimed, targeting the IT infrastructures of US government agencies and their private-sector contractors. While cyber-raids by Iran are nothing new, the aggressive deleting of data from hard drives and other storage gear is apparently cause for concern.

We're not at all surprised by it. Rather than covertly and silently snooping on Western computers, Iranian hackers are, we're told, just going for broke and making their presence known loud and clear, by trashing file systems, and thus sending a message to the White House.

"Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing," Krebs warned.

"What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network."

Mobile phones on Iran flag

Nine Iranians accused of cyber-swiping 30TB+ of blueprints from unis, biz on Tehran's orders


The alert comes as tensions between America and Iran have spiked: the two nations have basically been, and this is a technical term here, dicking around with each other for ages. Besides the whole Stuxnet thing and earlier trade sanctions, Japanese and Norwegian oil tankers were blown up near Iran this month, a US military spy drone was shot down by the Iranians, and today President Donald Trump approved fresh "hard-hitting" sanctions against the Mid-East nation.

Now, as the pair of countries find themselves increasingly hostile to one another, Homeland Security said the animosity is spilling over to cyberspace.

"In times like these it’s important to make sure you’ve shored up your basic defenses, like using multi-factor authentication, and if you suspect an incident, take it seriously and act quickly," Krebs said.

The digital saber-rattling is not a one-sided battle, either. Uncle Sam is said to be launching its own cyber-strikes after the White House last-minute called off a plan to launch actual missiles at Iran.

A report from Yahoo! News over the weekend claimed that US government agents have in recent days hacked and taken down online spy networks operating out of Iran, in retaliation for the downed drone, while the Washington Post reports that a separate cyber-attack is specifically targeting the same missile systems Iran used to take down the US drone. ®

More about


Send us news

Other stories you might like