
Alston & Bird Privacy Blog


Warning: Iranian Cyber Response Possible Against Private Industry

January 7, 2020 By James Harvey, Kimberly Peretti and Amy Mushahwar

After Friday’s announcement of the killing of Major General Qassem Soleimani, a leader of Iran’s Quds Force, several regulators have put industry on high alert for an increased potential for cyber-attack. Iran has a known history of launching cyber-attacks against US industry, and regulators warn industry to prepare for a possible rise in cyber-attacks.

The Cybersecurity and Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security; the New York Department of Financial Services; and even ISACs like the Health Information Sharing and Analysis Center issued alerts this week, to name a few.

While it is important to note that there is no specific, credible threat of a new Iranian attack, Iran has a proven track record of attacks on health care, financial services, educational institutions, energy, telecommunications, other critical infrastructure and large corporations. In addition to U.S. government alerts, many tech companies, service providers and security companies have released alerts regarding Iranian attacks against private industry.

Recommended Actions from CISA – Things to do Today

CISA outlines five steps to do today to strengthen basic cyber defenses:

  1. Prepare the Organization for Response:  Review incident and crisis response plans, consume and operationalize threat intelligence, minimize IT/security staffing coverage gaps and ensure your phone trees are up-to-date to respond.
  2. Increase Organizational Vigilance:  Ensure your security personnel know how to identify anomalous behavior that may indicate compromise.  Flag Iranian indicators of compromise (IoCs). For more information on patterns of publicly known Iranian Advanced Persistent Threats, please see the CISA alert, which describes common Iranian attack techniques such as credential dumping, obfuscated files/information, data compression, PowerShell, user execution, scripting, and registry run keys/startup folder.
  3. Confirm Reporting Processes:  Ensure your organization’s staff members know how and when to report an incident.
  4. Exercise Your Incident Response Plan:  Ensure your incident response team is aware of the plan (with any related crisis response plans) and can execute the steps that they need to take during an incident.
  5. Confirm Backups:  Confirm your organization has appropriate backups, and ensure it has offline backups, because attackers commonly attack backup sources.

In addition to these basic steps, our team can assist you with greater organizational awareness of cyber security for Iranian threats and beyond.  Please contact the authors or the Alston & Bird attorney with whom you normally work if you would like more information on cyber threat preparedness and what technical, operational and legal actions companies should take.

Filed Under: Cyber Risk, Cybersecurity, International, National Security, Security Breach

About James Harvey

Jim advises clients on a wide range of data, privacy, cybersecurity, and technology services initiatives. Jim founded and co-chairs our Privacy & Data Security and Cybersecurity Preparedness & Response teams. His practice crosses all data, privacy, and security lines and ranges from all aspects of breach and incident response to board-level advice to proactive data transfer and data governance counseling.


About Kimberly Peretti

Kim is a former DOJ cybercrime prosecutor and former director of PwC’s cyber forensics group. She has over 20 years of experience in cybercrime, data breach response, and cybersecurity and delivers top-of-the-line cyber risk management and information security counsel to her clients. Kim is co-lead of our Cybersecurity Preparedness & Response Team.


About Amy Mushahwar

Amy Mushahwar is a partner on the Privacy & Data Security and Cybersecurity Preparedness & Response teams. Amy has over 20 years of experience in the technology space and focuses her practice on data security, cyber risk, privacy, and emerging technologies. She advises clients on proactive data security practices, data breach incident response, and regulatory compliance.
