02/02/2023

Iranian hackers could instantaneously shut down an entire power grid, experts say, or go after your bank. Is America ready?

The U.S. airstrike in Baghdad that killed Iranian General Qassem Soleimani on Friday will likely lead to retaliatory cyberattacks against America, security authorities say. 
That means the power and electricity you use, the smart devices you carry and your bank accounts could be more vulnerable than ever to bad actors looking for revenge. 
The U.S. military attack on Iran will “generate some significant response from the Iranians and that response could very well come in the form of a major cyberattack, said Jamil N. Jaffer, vice president at IronNet Cybersecurity, a startup that helps nations defend against advanced digital threats. 
A cyber conflict between the U.S. and Iran has been silently raging for years, with hacking attempts from the Middle East being made every single day. But now that the government has taken out one of the most powerful figures in Iran, an influx of hacking attempts is expected.
“Maybe theyll double,” said Oded Vanunu, a leading vulnerability researcher at Check Point. “There will be many more cyberattacks in a short time. Most of which will target online services.”
Your 2020 checklist: 6 steps to a safer digital life
Possibility or pipe dream:How close are we to seeing flying cars?
Products that connect to the internet are inherently hackable, and since most consumer-focused tools these days connect to a network, hackers in Iran can go after some of the largest and most widely used services in the country. 
Private-sector corporations, which include banking, health care and energy services, would be the primary targets, according to Paul Martini, co-founder of the network security platform iBoss. 
In the worst-case scenario, Iranian hackers “could instantaneously shut down an entire power grid,” Martini said. “Its not just the lights, its also the internet which shuts down communication systems. Without shooting a single bullet or missile, you can shut down an entire county or nation.”
And even if Iran’s hacking capabilities aren’t sophisticated enough to fully undermine the U.S., high-ranking officials could bribe advanced hackers from around the world with bitcoin, Martini said. 
Big cities like Atlanta, Boston and New Orleans have been crippled by various forms of cybersecurity attacks in recent history. 
In the past few years, the Trump administration has issued a series of cyberattacks against Iran. Iran and hackers in general have gotten more sophisticated in orchestrating attacks on interconnected computing systems over time. 
How to:Prevent hackers from breaking into your security cameras
“It is known that the United States is not as cyber secure as it should be,” said Adam Levin founder of the cybersecurity platform CyberScout. “We haven’t made the investments that we need to make or the training that we need to. We are sitting ducks.”
It’s important to remember that cyberattacks have low success rates, as a 2019 RAND study points out. The study also found that most Iranian cyber operations appear more focused on retaliation rather than serving a coercive purpose.
Still, the million-dollar question remains: How can you protect yourself?
Financial institutions have fraud prevention methods baked into their networks, and many can patch vulnerabilities through updates so, there is some level of security out there. 
Even with a cyberwar in the air, expert guidance for internet security remains the same as always.  
Use secure passwords. Save hard copies of information and write down phone numbers rather than relying on internet connectivity or devices. 
“Go back to basics,” Martini said. “Its not doomsday prep where you have to build a footrace or bomb shelter but store important information so if you were to lose digital access, you would still be able to function in day-to-day life.” 
Follow Dalvin Brown on Twitter: @Dalvin_Brown.