London, 29 Jan - The European Union’s digital security agency said on Monday that Iran is likely to increase its cyber espionage activities as its relations with Western powers deteriorate.
The European Union Agency for Network and Information Security (ENISA) said in a report: “Newly imposed sanctions on Iran are likely to push the country to intensify state-sponsored cyber threat activities in pursuit of its geopolitical and strategic objectives at a regional level.”
These sanctions that ENISA is referring to were a reaction by Europe to Iran’s ballistic missile tests, as well as terror and assassination plots on European soil. The sanctions, the first since six world powers and the EU signed a 2015 nuclear deal with Tehran, targeted Iran’s Ministry of Intelligence and two of its key members.
Iranian hackers have been behind several cyber-attacks and online disinformation campaigns in recent years, targeting Western governments and militaries, as well as their allies like Saudi Arabia, according to a Reuters Special Report published in November 2018.
This was in the same month that the US indicted two Iranians for launching a major cyber-attack using ransomware known as “SamSam”, which brought the government of Atlanta to a near standstill and also targeted hospitals and schools. The US also sanctioned two others for helping exchange the ransom payments from Bitcoin digital currency into Iranian rials.
Iran has, of course, rejected the ENISA report, with a senior Iranian official saying that it is part of a “psychological war launched by the United States and its allies against Iran”.
In March 2018, the US imposed sanctions on several Iranians for hacking on behalf of the Iranian government and Iran’s foreign ministry reacted by denouncing the move as “provocative, illegitimate and without any justifiable reason”.
The ENISA says that state-sponsored hackers are one of the biggest threats to the EU’s digital security, with China, Russia and Iran being “the three most capable and active cyber actors tied to economic espionage”. All three of those countries have denied allegations by the US that their governments conduct cyber-attacks, but evidence from these cyber-attacks prove otherwise.
ENISA said that Iran’s cyber activities are expected to increase in coming months, especially if the EU ends up pulling out of the 2015 nuclear deal, as many expect them to. But this doesn’t mean that the EU or other governments should appease Iran; rather they should clamp down harshly on any Iranian-sponsored hacking that does occur. Bad behaviour should not be rewarded.