Since the January 2, 2020 drone strikes that killed Iranian General Qasem Soleimani, cyber and national security experts have worried about retaliatory cyberattacks against US interests. Today, organizations are preparing for the worst, as the potential for a major cyber incident looms large in the minds of government and private sector leaders alike.

While current focus is rightfully on Iran, our long-term security posture requires us to take a step back and ask ourselves why we are fearful of a threat from a nation state not considered our peer. The answer partly lies in the fact that despite more than a decade’s worth of warnings, we know that critical American infrastructure in both the public and private sectors remains vulnerable to attack due to our continued failure to prioritize cybersecurity.

In this paper, entitled “The Iran Cyber Panic: How Apathy Got Us Here, and What to Do Now,” ICIT explores these themes with discussions on:

  • How A Failure to Prioritize Cybersecurity Created a Climate of Uncertainty
  • The Impact of International Law and Iran’s Understanding of U.S. Military Capabilities on Iran’s Cyber Actions
  • Iran’s History of Disruptive Attacks
  • Notable Iranian APT (including a table of profiles)
  • Targeted Sectors including Energy, Water, Defense Industrial Base, Finance, Healthcare, and Critical Manufacturing
  • The Risk of Other Adversaries Exploiting The Iran/U.S. Conflict and the Role of Attribution
  • Recommended Steps to Mitigate the Threat from Iran

This paper was authored by Parham Eftekhari, Executive Director, ICIT, and would not have been possible without contributions from Drew Spaniel, Lead Researcher, ICIT.

ICIT would like to thank the following experts for their insights during the development of this paper:

  • John Agnello, ICIT Contributor & Chief, Analytic Capability Development Branch, United States Cyber Command
  • Jerry Davis, ICIT Fellow & Former CIO, NASA Ames Research Center
  • Malcolm Harkins, ICIT Fellow & Chief Security and Trust Officer, Cymatic
  • Itzik Kotler, Co-Founder & CTO at SafeBreach
  • Ernie Magnotti, ICIT Fellow & CISO Leonardo DRS
  • Luther Martin, ICIT Contributor & Distinguished Technologist, Micro Focus
