Iranian intelligence services and other organizations they are backing are monitoring hotels, the travel industry and phone calls to carry out surveillance on individuals through the data they collect, with the aim to possibly cause physical harm to these individuals, a cybersecurity expert warned a gathering of officials and entrepreneurs in Tel Aviv on Thursday.
“Iranians are gaining access to data on a lot of individuals,” said John Hultquist, head of the intelligence analysis team at the US-based cybersecurity firm FireEye. “We think they are surveilling individuals through this data so we see targeting of the hospitality industry, targeting the travel industry, the telecom industry — we think they are literally tracking people — and obviously there are some serious physical concerns about potential victims being tracked by the Iranian intelligence services or the organizations that are backing these hackers,”
Talking about the global Iranian threat at the Cybertech 2020 conference held in Tel Aviv, Hultquist said that Iranian hackers or Iranian sponsored hackers are getting better at the game, are “resourceful,” and what they lack in technical prowess they make up with “creativity and some really fantastic social engineering,” he said.
There is no concern that Iranian actors through their actions will be able to bring down whole economies, he said, but there is a definite worry that a cyber attack could cause “major damage” to single players within the economy.
And whereas the US and Israeli cybersecurity capabilities “are the most advanced” in the world, economic cyber-attacks perpetuated by Iranian actors won’t target well protected military intelligence services, rather the private sector, where the hackers will find un-hardened or less hardened targets, he said.
“Despite our advancements, we still have to worry about these other targets they are going to focus on,” he said.
Hultquist added that his firm tracked as many as 10 different “destructive” hacking attacks by Iranian actors in the Gulf last year.
“They have been working in the Gulf, they have been carrying a lot of destructive attacks there,” he said, with the targets being Gulf companies such as oil and gas firms and “other equivalent companies in the region.”
The hackers rarely take credit for their actions, he said, though FireEye, which has been tracking the perpetrators for several years and “watching them improve” has the ability to know who is behind these attacks.
“The good news is we know their tricks, we know their behavior, and we can take a look at our defenses and see if our controls are prepared,” he said.
At the conference, in which attendees were warned about the threat posed by the use of tools based on artificial intelligence, Hudi Zack, Chief Executive Director, Israel National Cyber Directorate, who is in charge of protecting the nation from cyber-attacks, said that hackers are using AI tools to create new “attack surfaces” and causing “new threats.”
“Today AI allows to attack on many areas in the same time and on a very large scale. In the near future, the world will change from human-to-human mind games to machine-to-machine battles,” he said.