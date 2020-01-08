Most Read Contributor in United States, December 2019
The New York State Department of Financial Services
("NYDFS") urged regulated financial institutions to
prepare for cyberattacks originating from the Iranian
government.
Noting Iran's vow to retaliate against the United States for
the death of Qassem Soleimani, the NYDFS stated there is "a
heightened risk of cyber attacks from hackers affiliated with the
Iranian government." The NYDFS also noted a U.S. Department of
Homeland Security's Cybersecurity and Infrastructure Security
Agency advisory issued in June 2019 warning of a rise
in malicious Iranian cyber activity.
According to the NYDFS, typical Iranian-sponsored hacking
tactics include (i) email phishing, (ii) credential stuffing, (iii)
password spraying and (iv) the targeting of unpatched devices. The
NYDFS "strongly recommend[ed]" that financial
institutions prepare for such tactics by:
addressing all vulnerabilities,
especially any publicly disclosed vulnerabilities;
ensuring that employees know how to
respond to phishing attacks;
fully implementing multifactor
authentication;
reviewing and updating disaster
recovery plans;
quickly responding to any further
alerts; and
ensuring that any alerts or incidents
- particularly those occurring after regular business hours - are
quickly addressed.
In the event of a cyberattack, the NYDFS urged financial
institutions to report the incident within 72 hours.
While the threat of serious state-sponsored cyberattacks should
always be a concern to financial institutions, the specific threat
from Iran is now even more pronounced due to fears of retaliation
for the recent killing of Qassem Soleimani by American military
forces. Firms should take the NYDFS alert to heart going forward,
and take enhanced steps to guard against ransomware,
spear-phishing, and others forms of attacks aimed at deleting data
and disrupting operations. Victims who would otherwise hesitate to
involve the FBI, DHS, or other law enforcement in responding to a
cyberattack may want to reconsider that position and have contacts
at the ready in the event the worst takes place. It is also an
opportunity to consider policies for sharing threat information
among colleague firms with similar threat profiles. While it
remains unlikely Iran has the capabilities of Russia or China to
truly debilitate the U.S. financial sector and other critical
infrastructure, its cyber offensive resources are nonetheless
considerable and attacks have the potential to be extremely
destructive.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.