How to Defend Your Business Against Iranian Cyberattacks
On January 3, 2020, Iranian General Qasem Soleimani died in a Reaper drone attack carried out by American military forces. The American government cited a growing threat against US national security and the interests of the US as predication for the strike. There have been reports that Iranian cyberattacks against American businesses and government agencies are sure to intensify in retaliation.
While this may seem like an issue for the United States government to handle, American companies should recognize the fact that Iranian cyberterrorists and their allies are likely to target US civilian companies in an effort to destabilize as much of the country as possible.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued several warnings to American companies to explain the breadth and depth of the looming threat of cyberterrorism. It is essential for all US companies across all industries to take appropriate measures to defend their interests and digital assets, especially those pertaining to sensitive private data of US citizens.
Defending Your Business Interests and Data from Iranian Cyberterrorism
Ultimately, it’s important for all American business leaders to know that it is virtually impossible for the average company to protect itself from an all-out cyberattack staged by Iranian agents and Iranian allies.
The best a potentially vulnerable company can do is to make the company as hard of a target as possible in the hopes that any attacks against it will appear to be more trouble than they’re worth. It’s also essential to have protections in place in the event your company needs to recover after a cyberattack from Iranian operatives or any other cyberattack.
The CISA recommends American companies take the following steps to minimize their chances of becoming targets and to streamline recovery processes after successful attacks:
- Enable port monitoring and disable all nonessential ports. Companies should know which ports are necessary for business-critical operations and which are vulnerable. For the ports that must remain open, enable port monitoring to track all traffic through those ports.
- Configure advanced email and communications monitoring. Companies should carefully track phishing trends and consider implementing phishing protection measures to prevent employees from inadvertently granted access to cyberterrorists.
- Patch all externally facing equipment immediately. “Day zero” vulnerabilities exist on all types of equipment, so you don’t want to run the risk of letting several patch cycles pass while your systems remain unprotected.
- Limit and restrict PowerShell usage. Log all use of PowerShell within your company and cut off access for any employees who do not require access for day-to-day job duties.
- Configure a reliable data backup system. A good rule of thumb is to have at least three copies of your critical data in at least two different locations, one of which should be offsite.
- Conduct response and recovery simulations. It’s a good idea to put your defensive measure to the test and run simulations to see how your team responds to an active threat simulation, including data backup and other recovery processes.
If Iranian agents decide to attack American businesses digitally, experts predict it will be done with the intent of causing chaos and disruption rather than to extort. Businesses that take appropriate precautions will be harder targets and will therefore be more likely to be overlooked by Iranian cyberterrorists.
If you are unsure about your organization’s data security environment, contact Gilmore Jasion Mahler, LTD (GJM) to learn how we can help you defend your interests and protect your data against cyberattacks. GJM’s experts can help to uncover the vulnerabilities of your business and assist with data governance.
Established in 1996, Gilmore Jasion Mahler, LTD (GJM) is the largest public accounting firm in Northwest Ohio, with offices in Maumee and Findlay. Locally owned, GJM offers cloud-based accounting and provides comprehensive services including assurance, business advisory, tax, risk advisory, healthcare management and outsourced accounting. The Firm’s professionals specialize in industries including construction & real estate, healthcare, manufacturing & distribution and utilities.