• Home
  • Subscribe
  • Donate to Tikun Olam
  • Comment Rules
  • Contact
  • About

Tikun Olam תיקון עולם

Breaking news on the Israeli national security state

Likely Israeli Cyber Attack Compromises 15-Million Iranian Bank Accounts

December 14, 2019 by Richard Silverstein

254 shares
  • Twitter
  • Facebook196
  • Email
  • Reddit58
  • Buffer
hacked bank account

15-million Iranian bank accounts were hacked and their owners financial data published via Telegram

The NY Times published a story this week about a massive cyber attack against three major Iranian banks which targeted 15-million customers. The latter received warnings that their account information had been hacked, harvested and made available via a Telegram account. This, of course, aroused panic in account holders and the banks themselves.

At first glance, the attack appeared in the guise of a conventional ransomware operation in which victims are deprived access to their accounts until they paid a financial ransom. But there was no serious attempt by the perpetrators to collect funds from the victims. This confirms that there was no financial motive in the enterprise.

Iranian officials at first attempted to ignore the hack, or at least refuse to acknowledge it publicly. But within the past few days, they did confirm it was a major attack.

Its purpose was clearly to further damage the Iranian economy, already strangled by U.S. sanctions:

…Outside cyberexperts…said a breach of such magnitude was likely the work of a state entity aiming to stoke instability, not criminals whose objective is blackmail for financial gain.

So who was the culprit? There are only three credible suspects: Saudi Arabia, the U.S. and Israel. Let’s rule out the first from the get-go. Though the Saudis have been playing catch-up in the cyber-hacking arena in an attempt to match the successes of their Iranian rivals, it’s doubtful they have the wherewithal to conduct such a large-scale sophisticated operation.

It’s possible the Saudis could have contracted out the job to a sophisticated network of freelance hackers. There are certainly such groups in Russia, China and North Korea. But my strong suspicion is that this was not such an operation, but rather one performed by a nation-state.

NY Times article with Israeli journalist, Ronen Bergman’s byline

As for potential U.S. involvement, it’s certainly possible the NSA or the military Cyber Command perpetrated this attack. We have the motivation and skill-set.  We also could have collaborated with Israeli cyber-hackers as we did in Operation Olympic Games., which involving sabotaging the uranium enrichment centrifuges at Natanz.

There is one circumstantial, but highly persuasive reason the culprit is Israel. If you review the Times article, you’ll note that one of the two reporters credited with a byline is Ronen Bergman. He is one of Israel’s leading national security and intelligence journalists. He has excellent sources within Israeli intelligence circles.

There is only one reason he co-wrote this story: his Israeli sources offered him information about the attack they themselves performed.  Bergman was cagey in his story and did not say this explicitly. But given how much Israel has to gain by sowing mayhem inside Iran, it’s no surprise that the reporter chose to quote an Israeli cybersecurity expert practically crowing about the damage done to the country’s financial sector:

ClearSky, a cybersecurity company that was among the first to issue warnings of the breach, said it had damaged the flow of financial transactions inside Iran and had harmed the reputation of the affected banks, with customers panicking about their personal information having been made public.

Boaz Dolev, the chief executive officer of ClearSky, said the scope of the breach indicated that whoever was responsible possessed “high technological capability, which is usually at the hand of state intelligence services.”

No, I do not have further inside information on the attack to bolster my argument. Such sourcing would be helpful. But it’s not necessary. I’ve followed Bergman’s reporting for years and you can “take it to the bank” (pardon the phrase) that either Unit 8200 or allied Israeli unit was instrumental in the Iran attack.

For those who believe the U.S. was instrumental in the attack (rather than Israel), there is one tell-tale sign this is incorrect: the NY Times article offers “additional reporting” credit to DC-based reporter Mark Mazzetti.  He presumably tracked down leads and sources to determine the level of U.S. involvement.  Had there been any, Mazetti would have shared a byline with the others.  Instead, his contribution was highlighted at the very end of the story.

The banking hack represents a further escalation in the annals of national cyberwarfare. In the past, hackers have infiltrated banking systems in order to steal or extort money. And in the U.S., Iranian hackers were believed to have infiltrated U.S. bank computer systems.

But the damage done in this case was more pervasive and severe. Israel has the ability and motivation in spades to organize this attack. It has assassinated Iranian nuclear scientists, sabotaged uranium enrichment equipment, and bombed an IRG missile base. A financial sector attack of this sort is right up Israel’s alley.

Of course, Iran will now redouble efforts to exact revenge not just on the Israel financial sector, but on any entities doing business with it who have vulnerabilities.

Israel either believes that its own banks have robust enough defenses to repel such an attack; or they simply haven’t calculated the repercussions from this attack. But in this era of cyber-war, no bad deed goes unpunished. Iran will figure out a way to repay the favor. And then Israel will be the victim. These attacks could rapidly escalate and the social and economic costs could spiral out of control.

Such cyber-war operations are a Pandora’s Box. At first, they appear attractive means to damage an enemy without putting troops on the battlefield and paying in blood. But cyberattacks can and will lead, at some point, to very real wars. Only then will the world understand that they are not a play toy and not a substitute for physical force or military attack. I only hope we don’t learn this lesson too late.

0 0 votes
Article Rating
Richard Silverstein
Website | + posts

Silverstein has published Tikun Olam since 2003, It exposes the secrets of the Israeli national security state. He lives in Seattle, but his heart is in the east. He publishes regularly at Middle East Eye, the New Arab, and Jacobin Magazine. His work has also appeared in Al Jazeera English, The Nation, Truthout and other outlets.

  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    Cycle of Blood: Jerusalem Attacker's Palestinian Grandfather, Murdered by Jewish Terrorist
  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    Bibi Fiddles While Jenin Burns
  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    Leading Israeli Security Think Tank Warns of End of US-Israel "Special Relationship"
  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    IDF Snipers Murder Palestinian Boys

Related

Filed Under: Mideast Peace, Technology-Security Tagged With: cyber-warfare, hacking, iran, Israel Defense Forces, unit 8200

3 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Jack
Jack
December 15, 2019 12:02 AM

[comment deleted: Off topic. This is your last warning. Next comment rule violation means banning.]

0
Jack
Jack
December 15, 2019 9:01 AM

Iran’s security chief identifies the hacker as APT 27, a Chinese speaking hacker group.

https://securityaffairs.co/wordpress/95169/apt/iran-foiled-2-attack.html

So it’s not Israel.
I mean…Iran ought to know who is hacking her.
Right?

Rush to judgment!
Rush to judgment!

1
Richard Silverstein
Richard Silverstein
Admin
Reply to  Jack
December 15, 2019 1:12 PM

@ Jack: First, what an Iranian official says means very little. Iran has a vested interest in NOT acknowledging Israel’s involvement. In fact, this is the 2nd “explanation” offered by Iranian offiicials. And the 2 explanations contradict each other. Strikes me as different sectors of the government are trying to cast blame everywhere but where it belongs. An old disinformation trick.

Second, it is impossible to believe that China, which is allied with Iran, would permit its hackers to engaged in an attack on Iran. Third, I conceded in my post that the Saudis could have contracted with a bunch of rogue freelancers, and even named China as one possible source for the personnel who could orchestrate this.

You are entirely too gullible when it’s convenient to you. Not to mention naive.

-2
wpdiscuz   wpDiscuz

Donate via Mightycause

Donate via Paypal

Recent Posts

  • Cycle of Blood: Jerusalem Attacker’s Palestinian Grandfather, Murdered by Jewish Terrorist
  • Bibi Fiddles While Jenin Burns
  • Leading Israeli Security Think Tank Warns of End of US-Israel “Special Relationship”
  • IDF Snipers Murder Palestinian Boys
  • Israel’s Anti-Government Protest Quashes Display of Palestinian Flags

Search

  • Facebook
  • Twitter
  • Reddit

Categories

Archives

Pages

  • Photo Gallery
  • Home
  • Privacy Policy
  • Terms of Use

Publications (author page)

  • Middle East Eye
  • The Nation Magazine
  • Al Jazeera
  • Jacobin
  • New Arab
  • Comment is Free
  • Mint Press News
  • Truthout
  • Seattle Times

Mideast Peace

  • Eyewitness Palestine
  • No Tech for Aparteid
  • Places Time Forgot
  • Zochrot
  • Defense for Children International
  • Human Rights Defenders
  • Silwan
  • Visualizing Paiestine
  • Al Shabaka
  • Tony Greenstein

Progressive Media

  • Canadian Dimension
  • Vashti Media
  • Jewish Voice for Labour
  • Challenging Christian Zionism
  • Scheer Post
  • Contrary Perspective
  • Global Voices

Meta

  • Log in
  • Entries RSS
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Tikun Olam is fiscally sponsored by Media Alliance, a 501(c)(3) nonprofit organization.

Be a Mensch: Support Tikun Olam!

Thanks for visiting Tikun Olam. It breaks exclusive stories on Israel-Palestine, often not yet published anywhere, including Israel. Please subscribe to new posts–and tell all your friends!

Support my unique work with a tax-deductible donation to Media Alliance, my fiscal sponsor.

You are going to send email to

Move Comment