A senior US official has admitted that the first ever destructive cyber-attack on an American firm by a nation state last year was carried out by Iranian operatives against the Las Vegas Sands casino group.
Director of national intelligence, James Clapper, confirmed at the Senate Armed Services Committee what up until now had been unsubstantiated reports, according to Bloomberg.
Sands Casino Iran Map
8, 2014, the hackers were focused on Sands Bethlehem, a 3,000-slot-machine casino and resort in Bethlehem, Pa., which has its own website and computer network. 2.Iranian hackers penetrated the systems of the Las Vegas–based Sands Casino company in Feb- ruary 2014, effectively shutting down many of the casino's operations.8This attack completely wiped a significant number of Sands' hard drives and stole confidential data, posting some online. Bloomberg revealed that Iranian hackers have used Visual Basic malware to wipe out data of corporate systems at Las Vegas Sands Corp. On February 2014 the Casino operator Las Vegas Sands Corp suffered a major cyber attack, but only now the news was publicly disclosed by the Bloomberg Businessweek. The attack has many similarities with the recent. The nation also destroyed sensitive data during a hack at the Sands Casino in 2014 after anti-Iran comments by owner Sheldon Adelson. Disable Iran's gas and oil sector if Iran hit back too.
The attack on the world's largest casino group in February 2014 is said to have shut down servers and PCs, wiping hard drives and taking out key systems such as those which monitor the payouts at the slot machines and gambling tables.
IT staff were even forced to rip out network cables from any computer they could find in a desperate bid to stop the attack from spreading, a report claimed in December.
It's thought that the attack might have been sanctioned in response to outspoken conservative Sands owner Sheldon Adelson's remarks that Tehran should be nuked if it doesn't give up its nuclear weapons program.
The $14bn firm's website at the time was apparently defaced with a picture of Adelson and Israeli PM Benjamin Netanyahu and a message referencing the comments.
According to Clapper, the Sands attack was the first of its kind on a US organization, to be followed later that year with a similar destructive blitz on Sony Pictures Entertainment which the authorities are blaming on North Korea.
Sands Casino Iran News
'While both of these nations have lesser technical capabilities in comparison to Russia and China, these destructive attacks demonstrate that Iran and North Korea are motivated and unpredictable cyber-actors,' he reportedly added.
Sands Casino Reno Nv
Rather than a single ‘Cyber Pearl Harbor' style event which takes the country's critical infrastructure by surprise, crippling the nation, it's more likely that the future will see more isolated incidents like these two attacks by Iran and North Korea, Clapper claimed.
Iran's cyber capabilities certainly appear to have grown significantly of late.
In December the FBI warned US firms of a large scale covert campaign against critical infrastructure organizations launched by the Islamic state.
IT staff were even forced to rip out network cables from any computer they could find in a desperate bid to stop the attack from spreading, a report claimed in December.
It's thought that the attack might have been sanctioned in response to outspoken conservative Sands owner Sheldon Adelson's remarks that Tehran should be nuked if it doesn't give up its nuclear weapons program.
The $14bn firm's website at the time was apparently defaced with a picture of Adelson and Israeli PM Benjamin Netanyahu and a message referencing the comments.
According to Clapper, the Sands attack was the first of its kind on a US organization, to be followed later that year with a similar destructive blitz on Sony Pictures Entertainment which the authorities are blaming on North Korea.
Sands Casino Iran News
'While both of these nations have lesser technical capabilities in comparison to Russia and China, these destructive attacks demonstrate that Iran and North Korea are motivated and unpredictable cyber-actors,' he reportedly added.
Sands Casino Reno Nv
Rather than a single ‘Cyber Pearl Harbor' style event which takes the country's critical infrastructure by surprise, crippling the nation, it's more likely that the future will see more isolated incidents like these two attacks by Iran and North Korea, Clapper claimed.
Iran's cyber capabilities certainly appear to have grown significantly of late.
In December the FBI warned US firms of a large scale covert campaign against critical infrastructure organizations launched by the Islamic state.
Threat intelligence firm Cylance had earlier the same month branded Iran 'the new China' in a report detailing a major information-stealing APT campaign seemingly launched with Tehran's blessing.
F-Secure security advisor Sean Sullivan welcomed Clapper's admission that a single catastrophic 'Cyber Pearl Harbor' incident is unlikely, claiming that 'clearly it's a situation of death by a thousand cuts.'
And not just via nation state sponsored attacks: 'Criminal organizations are acting with an ever increasing amount of impunity if their targets are located within the territory of a nation state rival. Online crime requires international law enforcement cooperation – and that is one of the casualties in our current state of affairs,' he told Infosecurity by email.
'Yes, we can definitely expect more destructive attacks. Organizations need to think differently. All threats are becoming more persistent. Mission critical information must be better compartmentalized in order to protect it.'
