Cybersecurity Experts Warn of Possible Development of Bitcoin Ransomware by Iranian Hackers
Amid the possibility of the United States imposing sanctions on Iran, Iranian hackers are working towards the development of Bitcoin ransomware, The Wall Street Journal reports after interviewing some cybersecurity experts.
A cybersecurity intelligence group from Accenture PLC has been closely following five ransomware variations built in Iran over the last two years. According to Jim Guinn, who is responsible for the industrial cybersecurity department at Accenture, these hackers are looking to secure payments in digital coins in the event these sanctions take place.
While the security experts have not confirmed these suspicions, there are clues leading the experts to Iran. The ransomware samples collected include messages written in Farsi and have connections with computers based in Iran. Accenture recently noted in a report that this ransomware could be spearheaded by Iranian government agents, some random criminals, or both.
Ransomware Effects on Business and Government
The plague of ransomware has been negatively affecting businesses and governments for a very long time. For instance, at the San Francisco Municipal Transportation Agency, these malicious programs disabled payment systems. They also affected systems in various U.K. hospitals and some cargo shipments. In some instances, hackers with government support have gone on to receive illegal payments in the form of cryptocurrencies from unsuspecting victims.
According to CrowdStrike, a cybersecurity firm, one ransomware variant discovered by iDefense has a connection with the Iranian government. Apparently, software called Tyrant was developed to prevent Iranian citizens from downloading software designed to prevent the government from spying and snooping on the citizens.
Malicious Crypto Mining Software Linked to Iran
Iran is also linked to malicious crypto mining software that robs individuals' computers of power to mine cryptocurrencies. Accenture has identified crypto mining software in Middle Eastern customer networks that has digital clues leading to the same country.
Guinn has said that the malicious crypto mining software has created a myriad of problems in the oil and gas industries in the Middle East. He further says that the industry has lost millions of dollars of compute cycles in the past year.
In addition, reports from Symantec Corp. and Palo Alto Networks Inc. show that a pair of data-stealing operations were connected to Iran last month.
Iran Denies These Allegations
Despite links pointing to Iran as the responsible party, the country has denied the allegations, claiming that it has also been a victim of cyber attacks. For instance, Stuxnet, a cyber attack Israel and the U.S. initiated about a decade ago, disabled the uranium-enrichment centrifuges that powered Iran's nuclear program. According to Iran's government officials and some researchers, Iran has decided to enhance its cybersecurity and capabilities to protect the country's resources from such attacks.
The former director of the US Cyber Command and the National Security Agency, who is now the chief executive of IronNet Cybersecurity Inc., asserts that crypto mining is an easy way for cash-strapped governments to make quick cash.
Guinn has also noted that hackers are stealing intellectual property.