Iran

Dancho Danchev has released report on the topic of "Assessing The Computer Network Operation (CNO) Capabilities of the Islamic Republic of Iran", a comprehensive, 45 pages, assessment, of Iran's cyber warfare scene, featuring exclusive, never-published before, assessments of the country's cyber warfare doctrine, analysis of the country's academic incubators of the next generation of cyber warriors, featuring, an exclusive, social network analysis (SNA), of Iran's hacking scene.

The report, answers the following questions:

While many groups linked to nation states have conducted cyber-espionage operations against other countries and their industries, a study finding that Iranian hackers had allegedly infiltrated the networks of global critical infrastructure firms has caused concern among security experts.

In a report that documents the activities of the Iranian Ajax Security Team, FireEye contends that Iran-based hacker groups are becoming increasingly more sophisticated in their attacks and could mirror the evolution of elite Chinese hacking organizations to become a hacking superpower.

While FireEye stops short of making a connection between the hackers and the Iranian government, the report notes “the objectives of these groups are consistent with Iran's efforts at controlling political dissent and expanding offensive cyber capabilities.”

Mojtaba Ahmadi, who served as commander of the Cyber War Headquarters, was found dead in a wooded area near the town of Karaj, north-west of the capital, Tehran. Five Iranian nuclear scientists and the head of the country’s ballistic missile programme have been killed since 2007. The regime has accused Israel’s external intelligence agency, the Mossad, of carrying out these assassinations.

Google said Wednesday that it has discovered and stopped a series of attempts to hack the accounts of tens of thousands of Iranian users in what the company believes is an attempt to influence the country's upcoming election.

"For almost three weeks, we have detected and disrupted multiple email-based phishing campaigns," Eric Grosse, the vice president for security engineering, wrote in a post on the company's blog.

 Cyberattacks supposedly originating from China have raised alarms in recent weeks, but U.S. businesses and government agencies should worry as much about Iran and North Korea, a group of cybersecurity experts said.

China and Russia have significantly more sophisticated cyberthreat capabilities than do Iran and North Korea, but the two smaller countries are cause for concern in international cybersecurity discussions, the experts told a U.S. House of Representatives subcommittee last wek.

Iranian authorities have blocked the use of most virtual private network (VPNs) to stop people in the country from circumventing the government's internet filter, three months before the country holds its presidential election.

"Within the last few days illegal VPN ports in the country have been blocked," Ramezanali Sobhani-Fard, the head of the Iranian parliament's information and communications technology committee, told Mehr news agency, according to Reuters. "Only legal and registered VPNs can from now on be used."

Researchers have uncovered a never-before-seen version of Stuxnet. The discovery sheds new light on the evolution of the powerful cyberweapon that made history when it successfully sabotaged an Iranian uranium-enrichment facility in 2009.

The attackers hit one U.S. bank after the next. As in so many previous attacks, dozens of online banking sites slowed, hiccupped or ground to a halt before recovering several minutes later.

But there was something disturbingly different about the wave of online attacks on U.S. banks in recent weeks. Security researchers say that instead of exploiting individual computers, the attackers engineered networks of computers in data centers, transforming the online equivalent of a few yapping Chihuahuas into a pack of fire-breathing Godzillas.

A new piece of malware that deletes entire partitions and user files from infected computers has been found in Iran, according to an alert issued  by Maher, Iran's Computer Emergency Response Team Coordination Center (CERTCC).