Defense Department and Pentagon officials believe that Iranian hackers are responsible for the recent rash of cyber attacks on financial institutions in the United States, as well as oil companies in the Persian Gulf.
In September, J.P. Morgan, Bank of America, Wells Fargo, PNC Bank and US Bancorp all began having issues with their customer websites. Intermittent outages and delays were reported and officials from each company scrambled to fix the issues and assure customers that the websites would soon be running as normal.
Senate Homeland Security committee chairman Joe Lieberman attributed the issues to Iran, saying they had targeted the financial institutions in response to sanctions placed on them by the U.S. because of their nuclear program. Lieberman told C-SPAN: "I don’t believe these were just hackers who were skilled enough to cause a disruption of the websites. I think this was done by Iran and the Quds Force, which has its own developing cyber attack capacity. And I believe it was in response to the increasingly strong economic sanctions that the United States and our European allies have put on Iranian financial institutions.”
Talk Radio News Service
Senator Joe Lieberman a cosponsor of the CyberSecurity Act of 2012.
According to an ABC News report, Iran has launched a new website that provides the addresses of provincial offices, appeals for tips and requests anti-American essays. The report says that two days after the website was launched, Heidar Moslehi, Iran's Intelligence Minister, claimed that Iran's secret services have the upper hand in the Web war with the West, saying: "The intelligence apparatus confronts enemy measures in the cyber front."
U.S. officials had also placed blame for a massive cyberattack on the computer systems at the Saudi Arabia owned company Aramco and a natural gas company in Qatar squarely on Iranian hackers in August. The assault, known as Shamoon, involved a computer routine that replaced critical system files with an image of a burning U.S. flag, as well as replacing important data files with "garbage data".
Defense Department Secretary Leon Panetta told attendees at the Business Executives for National Security meeting that officials are aware that cyber attackers are probing critical infrastructure networks in the U.S., targeting the computer control systems that operate chemical, electricity, water plants and transportation throughout the United States.
This is the official portrait of Leon Panetta, Director of the Central Intelligence Agency, who warns of imminent Al Qaeda attack.
Panetta also stated: "The Department of Defense, in large part through the capabilities of the National Security Agency, NSA, has develop the world's most sophisticated system to detect cyber intruders and attackers. We are acting aggressively to get ahead of this problem, putting in place measures to stop cyber attacks dead in their tracks. We are doing this as part of a broad whole of government effort to confront cyber threats."
On Friday, Panetta said he believes the cyberthreat from Iran has grown. The Associated Press quoted him as saying: Iran has "undertaken a concerted effort to use cyberspace to its advantage."
He went on to say the Pentagon has poured billions into its ability to identify the origin of cyberattacks, as well as blocking any attacks and responding when needed.
The AP report also states the Obama administration knows who launched the cyberattacks against the Gulf companies and that it was a "state actor".
Defending American Cyber Space
Cyber Command, launched in 2010, would be responsible for offensive action if the United States came under cyber attack. According to the Cyber Command website, their mission is to coordinate, integrate, synchronize, direct, and conduct "network operations and defense of all Army networks; when directed, conducts cyberspace operations in support of full spectrum operations to ensure U.S./Allied freedom of action in cyberspace, and to deny the same to our adversaries. The total command strength will exceed 21,000 Soldiers and civilians and will be funded from within existing fiscal resources."
President Obama has called on the owners and operators of "essential U.S. infrastructure" to meet minimum cybersecurity standards that will be developed through a partnership between federal agencies and the private sector. He also says the private sector and federal agencies need to work together and exchange information about possible cyberthreats or malicious software that can damage computer networks.
Panetta also made it very clear on Thursday that the U.S. military is ready to retaliate if it believes the nation is threatened by a cyberattack. He also made it clear that the United States would consider a pre-emptive strike according to News Day.
Increased Cyberspace Security Faces Obstacles
In August, a Senate Republican filibuster blocked the passing of a bill aimed at increasing the cybersecurity of the United States. The bill, which has been one of the Obama administration's top national security priorities, would have established cybersecurity standards for the computer systems that oversee the country’s critical infrastructure that Obama had called for. After the bill failed to pass, White House released a statement calling the outcome “a profound disappointment,” according to a New York Times report.
Senator Lieberman, along with ranking Homeland Security and Government Affairs Committee member Senator Susan Collins (R-Maine), had worked on trying to pass cybersecurity legislation for the past year.
Republican Arizona Senator John McCain opposed the bill saying it would be too burdensome for corporations. Lieberman and Collins attempted to win over McCain and other republicans by making the standards optional, but their efforts were rejected.
The New York Times quoted Senator Collins as telling Congress: “We often hear from members on both sides of the aisle, but particularly Republican members, that we need to be listening more to generals on the ground. Listen to the generals who had responsibility in this area [who told Congress] over and over again that the nation was not prepared for a cyberattack."