The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that Iran intends to sow doubt on the integrity of democratic institutions in the U.S. and use cyber operations to collect intelligence in relation to the upcoming U.S. federal election.
This type of activity isn’t new and is even expected from countries like Iran and Russia due to both countries’ cyber capabilities and geopolitical situations. However, CISA is warning that the activity it has observed has been increasingly aggressive, targeting the public with influence operations and presidential campaigns with cyberattacks, hence its decision to issue its advisory.
Further to its warning, CISA, alongside the Federal Bureau of Investigation (FBI), confirmed that Iranian state-sponsored actors were behind the recent compromise of Donald Trump’s presidential campaign, which resulted in the theft and leak of confidential information.
CISA and the FBI are encouraging anyone involved in the upcoming elections to report suspicious activity to their local FBI offices and/or CISA through its online portal.
Despite the threat of cyberattacks emanating from Iran and other countries, the FBI has assured that the security and resiliency of vote casting and counting will remain unaffected, even in the case of disruptive activity targeting the voting infrastructure including ransomware and denial of service (DoS) attacks.
Source: Bleeping Computer
Analysis
It makes sense that Iran would target the U.S. election, given the outcome will likely have a significant impact on its national security interests. It’s also not surprising that Iran would target Donald Trump’s campaign since Trump is perceived as the candidate who would likely have a harsher stance on Iran and its geopolitical affairs. Iran has had a disdain for Trump since his administration ordered the killing of Iran’s top general, Qassem Soleimani in 2020. Iran has repeatedly vowed to avenge Soleimani and has even alluded to an intention to assassinate Trump and other senior members of his administration on U.S. soil.
Field Effect assesses that U.S. election-related cyber activities have just begun and will continue to escalate as the election grows nearer. Accordingly, organizations that have any involvement in the election should adopt a heightened state of cybersecurity to help mitigate the risk these activities pose.
Mitigation
Field Effect’s Security Intelligence team constantly monitors the cyber threat landscape for threats emanating from countries like Iran. This research contributes to the timely deployment of signatures into Field Effect MDR to detect and mitigate the risk these state-sponsored cyber actors pose.
Field Effect MDR users are automatically notified when various types of malicious activities are detected in their environment and are encouraged to review these AROs as quickly as possible via the Field Effect Portal.
Related Articles
