Iran is suspected of launching a cyberattack against Saudi Arabia.
The attack was launched on Dec. 29, the same day U.S. airstrikes against Iranian-backed militia groups in Iraq and Syria, according to Yahoo News. The Saudi National Cybersecurity Authority identified the attack as a “wiper” that erased data in unidentified targets but did not accuse Iran of launching it.
Cybersecurity specialists who reviewed a technical report from the Saudi cybersecurity agency said the attack mimics others sponsored by Iran. According to the report, the attackers gained access to a Middle Eastern network months earlier in 2019 and “detonated” the malware on short notice in the final days of the year.
They disagreed on the motive for the attack. While the attack took place hours after the U.S. hit Iranian paramilitary targets and it was rushed, some experts said that the attackers could have detonated the wiper out of fear of being discovered and losing access to the hacked network.
The attack underscores Iran’s cyber capabilities as tensions remain high between Tehran and the United States after President Trump ordered a drone strike that killed Iranian Gen. Qassem Soleimani on Jan. 2. Iran responded to the attack on Jan. 7, launching ballistic missiles at military bases in Iraq where U.S. soldiers are stationed.
“The real question is whether or not they will shift this activity to the United States,” said John Hultquist, FireEye’s director of intelligence analysis for cyber threat intelligence.
U.S. and Iraqi officials said there were no deaths as a result of the Iranian missile strike.
