Source: Fortune
Summary
A cyber attack on a popular Iranian prayer app, BadeSaba, sent push notifications to millions of users, calling for a “People’s Army” to defend their “Iranian brothers.” The attack was attributed to Israeli hackers. In response, Iranian regime loyalists launched a counter-attack, using a loosely coordinated group of cyber operatives known as the “Cyber Islamic Resistance.” The attack has raised concerns about the potential for Iranian proxy groups to launch unpredictable and decentralized attacks on Western companies.
Our Reading
The numbers tell one story.
The BadeSaba hack demonstrates the template that Iranian proxy groups could now try to deploy in reverse against Western companies. With Iranian leadership effectively decimated, the command structure that oversaw Tehran’s cyber operations is essentially gone. This has led to a power vacuum, where aligned hacktivists and proxy groups are making their own targeting decisions without approval from central authorities. A 19-year-old hacker in a Telegram room with no oversight or direction can now decide to hit a mid-sized logistics firm to make a statement.
Iranian proxy groups are likely to continue unleashing their formidable offensive cyber capabilities, in addition to other aspects of national power. Business leaders need to be prepared for continued uncertainty and unpredictable attacks. Companies aren’t really prepared for nihilistic psychological operations that target the mental state and trust of their workforce. Boards and C-suites need to ask key questions about the maximum amount of time business functions can be offline before it hits revenue and reputation.
Author: Evan Null
