now browsing by tag


#hacking | U.S.-Iran Tensions Mount After Death of Two Americans

Source: National Cyber Security – Produced By Gregory Evans

The U.S. launched a series of air strikes targeting an Iran-backed militia in Iraq on Thursday, the day after two American service members were killed during an exchange of rocket fire between U.S. forces and the group. It is a dramatic escalation in a months-long confrontation between Washington and Tehran, and U.S. officials worry the fight could intensify as a spate of pressures mounts in Iran: a large outbreak of COVID-19, a collapse in the price of oil prices that sustain its economy, and continuing domestic hardships caused by America’s tough economic sanctions against the government.

The U.S. deaths came during a rocket attack on a base in Iraq on Wednesday that also killed one British citizen and injured 14 others, including contractors for U.S. firm DynCorp International. “The United States will not tolerate attacks against our people, our interests, or our allies,” Secretary of Defense Dr. Mark T. Esper said on Thursday. “As we have demonstrated in recent months, we will take any action necessary to protect our forces in Iraq and the region.”

The U.S. said the strikes were defensive, and targeted five military sites belonging to Kataib Hezbollah, the group the U.S. says carried out Wednesday’s attack, including at least one weapons storage depot north of the Shi’ite shrine city of Karbala, a U.S. military official told TIME, speaking anonymously because he was not authorized to describe the strikes publicly.

Tensions in the region had been slowly ratcheting up before the U.S. strike. Rather than ending what had been an ongoing proxy war between Washington and Tehran, President Donald Trump’s lethal drone strike early this year that killed Major Gen. Qasem Soleimani, the head of the Iranian Revolutionary Guard Corps’ paramilitary Quds Force, risked escalating the conflict, said three U.S. intelligence officials, who spoke only on the condition of anonymity.

Days later, Iran launched more than a dozen missiles at U.S. troops on two Iraqi military bases. While no Americans were killed, more than 100 have reported brain injuries as a result of the explosions. “The Iranian regime probably does not consider scores to have been entirely settled with the U.S. after the assassination of Soleimani,” says former CIA Mideast analyst Paul Pillar.

Indeed, Iranian-backed militias operating in Iraq have continued to attack U.S. forces. Fred Kagan, a resident scholar at the American Enterprise Institute, a Washington think tank, described Wednesday’s strikes as part of that continuum. The Iranians “wanted to be on an escalation path” after Soleimani’s death, Kagan says, but were deflected by their military’s apparently mistaken downing of a Ukrainian airliner and, now, the world’s third-largest caseload of coronavirus. “Their attention has been pulled elsewhere, but this is not the first time they have taken a shot,” since the U.S. strike on Soleimani, Kagan says.

Related Stories

Privately, current and former U.S. intelligence officials and outside experts have been warning for weeks that the coronavirus outbreak and plunging oil prices, coming atop the Trump administration’s effort to exert “maximum pressure” on Iran’s economy through sanctions, could cause the hardline regime in Tehran to blame others for the hardships and lash out.

Gen. Kenneth McKenzie, the head of the U.S. Central Command, told the Senate Armed Services Committee (SASC) on Thursday that the coronavirus outbreak in Iran, where there are now more than 10,000 confirmed cases, “probably makes them—in terms of decision-making—more dangerous, rather than less dangerous.”

The price of benchmark Brent Light crude oil has dropped about 50% so far this year, in part because of the damage the virus has inflicted on the economy of China. China accounts for 20 percent of Iran’s oil exports, the nation’s economic lifeblood. “The drop in oil prices intensifies Iran’s economic motivations not just to sit there and take it,” former CIA officer Pillar said before Wednesday’s attack. “Lashing out is more likely than folding and accepting U.S. demands.”

Two of the U.S. officials said Tehran is more likely to blame the plummeting oil price on its archenemy Saudi Arabia’s refusal to make a deal with Russia to boost prices by cutting oil production. “This doesn’t mean there will be another Pearl Harbor, but we could see more actions such as last year’s attacks on Saudi Arabia, which were partly intended to send the message that if Iran can’t export its oil, then other Persian Gulf producers will have problems exporting theirs,” says Pillar.

In response, they said, the U.S. has been trying to improve Saudi air defenses, especially in the Kingdom’s oil-rich Eastern Province, where Iran attacked oil facilities last September with a combination of drones and low-flying cruise missiles launched from near the Iraq-Iran border.

A possibly greater danger, one U.S. official said on Wednesday, is renewed Iranian cyberattacks on Saudi Arabia and other Sunni Muslim nations in the Gulf. “Hacking is harder to trace quickly than a missile or even a drone attack, and Iran has developed fairly respectable cyberwarfare capabilities,” the official said, requesting anonymity to discuss classified material.

The U.S. has also been negotiating with the Iraqi government to improve that country’s air and missile defenses, but Baghdad’s instability has interfered with that effort, McKenzie told the House of Representatives Armed Services Committee on March 10.

Spotlight Story

Why Overreacting to the Threat of the Coronavirus May Be Rational

The problem with COVID-19 is that it’s unclear what to do.

The U.S. officials declined to say whether American spy agencies have increased their satellite and other surveillance of Iran’s missile sites, naval bases, and other military targets in response to the threat of new Iranian attacks on coalition forces in Iraq, oil and gas facilities, and shipping in the Persian Gulf.

For the last three years, there has been an abiding belief within the Trump Administration that inflicting greater economic damage on Iran through a “maximum pressure” campaign and killing military leaders such as Soleimani will force Tehran to curtail its nuclear and missile programs and support for terrorist groups like Kataib Hezbollah and other allies in Lebanon, Syria, Iraq, Yemen, and Africa.

But many in the intelligence community disagree with this strategy. The administration has ignored repeated U.S. and foreign intelligence analyses, repeated in this year’s still-unreleased Worldwide Threat Assessment, warning that the maximum pressure campaign might backfire, and that Iran is unlikely to abandon its efforts to develop nuclear weapons. An International Atomic Energy Agency report this month said Iran’s enriched uranium stockpile was 1,510 kg, more than three times the 300kg limit set under the 2015 nuclear agreement, which the Trump Administration abandoned in 2018.

Even military officials warn the Trump administration’s policies are making the country more dangerous. “As the maximum pressure campaign against Iran continues, they are unable to respond really economically or diplomatically, the two channels that we’re using to apply pressure on them,” McKenzie told the SASC on Thursday. “As they seek to find a way to respond, the only way that’s left is the military component.”

McKenzie said Iran can accomplish that two ways: Through their state military or through their system of proxy militias. Because Iranian leadership is most interested in survival, they typically choose not to use their own military, he said, and stage attacks instead through proxies that are unattributable to Tehran or fall below the threshold for a U.S. response.

“That poses a real danger for them because I’m not sure they do have a good understanding of where our redlines are and where we’re not going to be pushed,” he said.

The U.S. strike came just days after the House approved a resolution that forbids President Donald Trump from launching a military attack against Iran without congressional authorization. The measure, which passed on a rare bipartisan 227-186 vote, was drawn up to rein in the president’s power in the wake of his unilateral decision in January to kill Soleimani. It now goes to the White House, where Trump is expected to veto it.

—With reporting by Kimberly Dozier and W.J. Hennigan in Washington

Contact us at

Source link

The post #hacking | U.S.-Iran Tensions Mount After Death of Two Americans appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | DNC warns campaigns about cybersecurity after attempted scam

Source: National Cyber Security – Produced By Gregory Evans

An online “impersonator” of a Democratic National Committee (DNC) staffer tried to contact presidential campaigns, including Sen. Bernie SandersBernie SandersWinners and losers from the South Carolina debate Five takeaways from the Democratic debate Sanders most searched, most tweeted about candidate during Democratic debate MORE’s (I-Vt.) campaign, the committee said in a statement to the candidates Wednesday.

Bob Lord, the DNC’s chief security officer, wrote in an email to the campaigns that “adversaries will often try to impersonate real people on a campaign,” The Associated Press reported

He added that the “adversaries” could try to get campaign workers to “download suspicious files, or click on a link to a phishing site” or set up calls or in-person meetings to record and release.

Lord warned that the “impersonator” contacted the Sanders campaign and at least two others and had a domain registered overseas. But he acknowledged that anyone can register a domain name in any country.  

“Attribution is notoriously hard,” he wrote. “The appropriate authorities have been alerted.”

“If you are using an alternate domain, please refrain from doing so and let us know if you are operating from a domain that others have not corresponded with before,” Lord added. “Do not use your personal mail account for official business.”

Sanders campaign spokesman Mike Casca confirmed the incident with the AP and said the domain was registered in Russia.

“It’s clear the efforts and investments made by the DNC and all the campaigns to shore up our cybersecurity systems are working,” Casca said, according to the AP. “We will remain vigilant and continue to learn from each incident.”

The Hill reached out to the DNC and the Sanders campaign for confirmation.

The Vermont senator said on Friday that he was briefed about a month ago that Russia was attempting to boost support for his campaign.

Democratic campaigns have been cautious about cybersecurity since Hillary ClintonHillary Diane Rodham ClintonDemocratic insiders stay on the sidelines in 2020 race Hillicon Valley: Twitter falling short on pledge to verify primary candidates | Barr vows to make surveillance reforms after watchdog report | DHS cyber chief focused on 2020 The Hill’s Campaign Report: High stakes at last Democratic debate before Super Tuesday MORE campaign chairman John Podesta’s emails were hacked and published after he received an email seemingly from Google directing him to change his account.

Source link

The post #nationalcybersecuritymonth | DNC warns campaigns about cybersecurity after attempted scam appeared first on National Cyber Security.

View full post on National Cyber Security

Adobe fixes critical flaws in Media Encoder and After Effects – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

After fixing a fat pile of critical security flaws as part of last week’s Patch Tuesday update, Adobe has come back with two more that need urgent attention.

This is what’s called an out of band update, which means that a vulnerability is too risky or likely to be exploited to leave to the next scheduled update.

The first is in the Windows and macOS versions of the After Effects graphics software and affects anyone running version 16.1.2 and earlier.

Identified as CVE-2020-3765 after being reported to Adobe only days ago, the company offers little detail on the vulnerability itself beyond stating that the update:

Resolves a critical out-of-bounds write vulnerability that could lead to arbitrary code execution in the context of the current user.