Experts: Iran and North Korea are looming cyberthreats to U.S.

The two countries may lack some capabilities, but they have strong intentions to do harm, experts say

Cyberattacks supposedly originating from China have raised alarms in recent weeks, but U.S. businesses and government agencies should worry as much about Iran and North Korea, a group of cybersecurity experts said.

China and Russia have significantly more sophisticated cyberthreat capabilities than do Iran and North Korea, but the two smaller countries are cause for concern in international cybersecurity discussions, the experts told a U.S. House of Representatives subcommittee Wednesday.

While China and Russia maintain active diplomatic ties with the U.S., which should discourage them from launching major attacks on the U.S., Iran and North Korea may be driven to attack the U.S. out of desperation to maintain their political regimes in the face of global isolation, said Frank Cilluffo, director of the Homeland Security Policy Institute and co-director of the Cyber Center for National and Economic Security at George Washington University.

Iran still lacks the capabilities of Russia and China, but it has been testing its cyberattack abilities in recent months, Cilluffo said. "The bad news is ... what they lack in capability, they more than make up for in intent," he said. "Whatever [capability] they don't have, they can turn to their proxies or buy or rent."

Iranian attackers can buy botnets that can disrupt U.S. businesses, he told the House Homeland Security Committee's cybersecurity subcommittee. Cybersecurity experts have pinned a series of denial-of-service attacks on U.S. banks early this year, and a 2012 attack on Saudi Arabia's national oil company, Aramco, on Iranian hackers.

North Korea is a "wild card," Cilluffo added. The country is actively seeking cyberattack capabilities, he said.

Hackers in China and Russia are largely focused on espionage and theft, but those two countries have less interest at the moment in damage-causing cyberattacks on the U.S., Cilluffo said. The capabilities of China and Russia make them advanced persistent threats, but "they have some modicum of responsibility and recognize that we can retaliate," he said.

Iran and North Korea are more unpredictable, witnesses at the hearing said. Iran seems to be focusing its cyberattack capabilities on retaliation against the U.S. and Israel if the two countries attempt to shut down its nuclear program, said Ilan Berman, vice president of the American Foreign Policy Council, a think tank. That focus makes Iran "particularly volatile," he said.

Iran's attack on Aramco in mid-2012, causing damage to 30,000 computers, was a warning to the U.S. and other countries about the country's growing capabilities, Berman said. Iran is "outlining how they would act in the event of a breakdown in relations," he said. The Aramco attack "can be seen as a signaling mechanism by which Iran is telegraphing to the international community" its plans to attack critical infrastructure if war breaks out.

Representative Mike McCaul, a Texas Republican, asked when cyberattacks cross the line into warfare. "At what point do we respond?" he said.

Berman said he couldn't answer that question. Instead, U.S. defense and intelligence officials need to make that decision, he said.

Cyberattackers are changing their tactics as large U.S. companies harden their defenses, said Richard Bejtlich, CSO at security vendor Mandiant, which recently pinned responsibility for several espionage campaigns on a Chinese government cyberunit. Attackers are often targeting smaller companies that partner with large organizations, and then working their way in to the larger target, he said.

The attacks are often successful because "there's an imbalance between offense and defense," Bejtlich added. "A single attacker or group of attackers can keep hundreds or thousands of defenders busy."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Frank CilluffoHomeland Security Policy InstituteMike McCaulIlan BermansecurityGeorge Washington UniversityAramcogovernmentMandiantRichard BejtlichAmerican Foreign Policy Council

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?