Posted on January 5, 2020 at 10:57 AM
Yesterday night, Iranian hackers altered the homepage of the U.S. Federal Depository Library Program. The homepage showed a punched face of President Donald Trump. It also contains a message that says the group would continue to show their support for their friends within the region.
The “friends’ in the message is referring to the Syrian government, the oppressed people of Yemen, and the oppressed people of Pakistan. It also refers to other people in the region that Ian is currently supporting.
Nature of the attack
Below the message, there is a picture of Ali Khamenei, the supreme leader of Iran, as well as the Iranian flag.
Another message also displayed below Trump’s punched face says the message is only a tip of what Iran can do when it comes to cyberattacks.
However, the entire message about the attack is no longer available on the portal. The website is not yet accessible at the time of writing.
Although it was not confirmed which cyber group is responsible for the attack, there is overwhelming evidence from the message that the attack is coming from Iran. Earlier reports gathered that Iran has been planning a series of attacks, both in military terms and in cyberspace.
No serious damage was done
Traditionally, the United States FDLP was set up to offer the public permanent and free access to information from the Federal Government. The portal is merely used as an information portal with no other forms of activity. It shares different information to the public, including court opinions, bills and status, as well as related information about governmental activities.
FDLP confirms attack
A spokesperson of Cyber Security and Infrastructure Agency (CISA) has confirmed the attack. He stated that the government is aware that a pro-Iranian agency has infiltrated the website of the FDLP with anti-US messaging.
But the government has not yet confirmed whether the attackers are affiliated or have any connection with the Iranian government. He stated that the site is currently not available because it has been taken offline. The government and CISA are presently investigating the situation and hope to come up with more revelations about the attack soon, the spokesperson stated.
A cybersecurity expert who is also a U.S. official also acknowledged the attack. However, he played down its significance. He said the attack is of no consequence because the website is only an information-sharing
site. He also noted that the small defacement does not have any meaningful bearing on the attacked agency. The expert also opined that the hackers may be those just sympathizing with Iran, and may not be linked to the Iranian government.
Iran’s retaliatory attack
With this new development coming barely two days after the U.S. killed Qassem Soleimani in an airstrike, it seems the retaliatory attack that cybersecurity experts warned about has just begun.
Earlier, the U.S. Department of Homeland Security has warned corporations and government institutions of an imminent retaliatory attack from Iran. The Department warned that the infiltration of the U.S. cyberspace could be one of their possible attack avenues.
The DSH posted the bulletin on Twitter. It pointed out that Iran has a sophisticated cyber program, and they could use it as an advantage to launch a cyberattack on US companies and government institutions.
Several experts have been tracking the activities of hackers from the region and the activities of a group known as the Iran cybersecurity Group of Hackers. However, it’s not known whether this group has any affiliations with the Iranian government.
Although there was no evidence that the hackers ware able to breach past the site’s homepage, the resulting damage may be a minor one. The attack was not meant to be a destructive one, but a symbolic one. It seems the Iranian attackers chose this particular government site to pass information for subsequent attacks. Future investigations will likely reveal more about the attack.