Hackers have attacked networks in multiple countries, including data centers in Iran, where they left an image of the United States flag on screens along with a warning message. The message read, “Don’t mess with our elections,” as claimed by the Iranian IT ministry on Saturday.
The Communication and Information Technology Ministry said in a statement carried by Iran’s official news agency, IRNA, that “The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.”
The statement said that the attack, which hit internet service providers (ISPs) and knocked their subscribers offline with no web access, was made possible by a vulnerability in routers from Cisco.
Cisco had issued a warning earlier regarding this weakness in their routers and even provided a patch, which some firms had failed to install during the Iranian New Year holiday. Nick Biasini, a threat researcher at Cisco’s Talos Security Intelligence and Research Group, said in a blog published on Tuesday that “There have been several incidents in multiple countries which includes some specifically targeting critical infrastructure and have involved the misuse of the Smart Install Protocol.”
He added that, as a result of this hacking, they are now taking an active stance and are once again alerting customers to the “elevated risk and available remediation paths” on the Cisco router.
On Saturday evening, Cisco claimed that those postings were a tool to help their clients identify the vulnerabilities and learn how to repel a cyber-attack. Mohammad Javad Azari-Jahromi, Iran’s IT Minister, posted a picture on Twitter which contained the US flag and the hackers’ message, and added that it is still not clear who carried out the attack.
Azari-Jahromi claims that the attack mainly affected India, Europe and the United States, as reported by the state. Azari-Jahromi was quoted as saying, “Some 55,000 devices were affected in the United States and 14,000 in China and Iran’s share of affected devices was 2 percent.”
In another tweet, Iran’s IT Minister said that the computer emergency response body MAHER had demonstrated “weaknesses in providing information to the companies that were affected” after the cyber-attack, which was disclosed on Friday and was late in being detected.
The Deputy Head of the state-run Information Technology Organization of Iran, Hadi Sajadi, said that the attack was neutralized within hours and there was no loss of data.
This attack on the servers in Iran comes as Iran itself is producing smart and skilled hackers who are getting busted by the United States. In one of the Department of Justice’s (DOJ) major state-sponsored cyber-theft cases, federal prosecutors unsealed cyber-crime charges that involved 9 Iranians. These Iranians allegedly burglarized data from organizations in the US as well as overseas in late March. At that time, 31 terabytes of data were stolen by these hackers, as claimed by the prosecutors.
This 31-terabyte hack included 144 U.S. universities, 5 U.S. government agencies to get financial aid and 36 U.S. businesses.
Source: ITProPortal