The US Government's increasingly belligerent confrontation with Iran has prompted New York's Department of Financial Services to urge banks to heighten cybersecurity precautions.
The Iranian government has vowed to retaliate against the United States for the death of Qassem Soleimani, the Middle East country's most prominent military commander.
"Given Iranian capabilities and history, US entities should prepare for the possibility of cyber attacks," states the NYDFS in an industry letter to all regulated entities. "Iranian-sponsored hackers have historically relied primarily on common hacking tactics such as email phishing, credential stuffing, password spraying, and targeting unpatched devices."
In 2012 and 2013, Iranian state-sponsored hackers launched denial of service attacks against 46 major US banks. In 2016, the Justice Department unsealed indictments against seven Iranians who were allegedly working on behalf of the Iranian government, including the Iranian Revolutionary Guard Corps, charging them with perpetrating the DDoS campaign.
And given the fragile nature of the relation between US president Trump and Ayatollah Ali Khamenei, the US Government warned in June last year of “a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies,” and that Iranian attackers were increasingly using highly destructive attacks that delete or encrypt data.
DFS is calling on banks to ensure that all vulnerabilities are patched and remediated, to update employee training and disaster recovery programmes, fully implement multi-factor authentication and promptly report any suscpected intrusions by outside forces.
States the DFS: "It is particularly important to make sure that any alerts or incidents are responded to promptly even outside of regular business hours - Iranian hackers are known to prefer attacking over the weekends and at night precisely because they know that weekday staff may not be available to respond immediately."