I've already had questions from a FinServ client about Iran replicating Operation Ababil (2012-2013 DDoS targeting FS orgs).
-
I've already had questions from a FinServ client about Iran replicating Operation Ababil (2012-2013 DDoS targeting FS orgs).
My assessment is that is not likely to happen. Iran has limited capacity for cyberattacks and given the current situation, they have MUCH higher priorities for cyberattacks. Realistically, they are FAR more likely to use their limited cyber resources for intelligence collection instead of destructive attacks that would have limited impacts. They are likely unable to perform another Shamoon-style attack either, since that requires significant prepositioning. In any case, it's unlikely they have enough prepositioning in US orgs (especially FS) to create that type of impact.
One other note, is that FS orgs are in a much different position today to deal with any DDoS attacks that Iranian-linked threat actors might attempt. Operation Ababil was a wakeup call for the whole industry and they've definitely become more resilient to DDoS in the last decade+ since.
-
I've already had questions from a FinServ client about Iran replicating Operation Ababil (2012-2013 DDoS targeting FS orgs).
My assessment is that is not likely to happen. Iran has limited capacity for cyberattacks and given the current situation, they have MUCH higher priorities for cyberattacks. Realistically, they are FAR more likely to use their limited cyber resources for intelligence collection instead of destructive attacks that would have limited impacts. They are likely unable to perform another Shamoon-style attack either, since that requires significant prepositioning. In any case, it's unlikely they have enough prepositioning in US orgs (especially FS) to create that type of impact.
One other note, is that FS orgs are in a much different position today to deal with any DDoS attacks that Iranian-linked threat actors might attempt. Operation Ababil was a wakeup call for the whole industry and they've definitely become more resilient to DDoS in the last decade+ since.
@malwarejake it’s the proxy terrorist cells that are more problematic.
-
I've already had questions from a FinServ client about Iran replicating Operation Ababil (2012-2013 DDoS targeting FS orgs).
My assessment is that is not likely to happen. Iran has limited capacity for cyberattacks and given the current situation, they have MUCH higher priorities for cyberattacks. Realistically, they are FAR more likely to use their limited cyber resources for intelligence collection instead of destructive attacks that would have limited impacts. They are likely unable to perform another Shamoon-style attack either, since that requires significant prepositioning. In any case, it's unlikely they have enough prepositioning in US orgs (especially FS) to create that type of impact.
One other note, is that FS orgs are in a much different position today to deal with any DDoS attacks that Iranian-linked threat actors might attempt. Operation Ababil was a wakeup call for the whole industry and they've definitely become more resilient to DDoS in the last decade+ since.
@malwarejake
Sorry, dummy question.
FS orgs?
Financial service? -
@malwarejake
Sorry, dummy question.
FS orgs?
Financial service?@realn2s Yeah, financial services.
-
@malwarejake it’s the proxy terrorist cells that are more problematic.
@krypt3ia Yes - that and IRGC QF.
-
@realn2s Yeah, financial services.
-
R relay@relay.infosec.exchange shared this topic
