Iran, other countries hit by global cyber attack that left U.S. flag on screens

iran cyber attackHackers have attacked networks in a number of countries including data centers in Iran where they left the image of a U.S. flag on screens along with a warning: “Don’t mess with our elections”, the Iranian IT ministry said on Saturday.

“The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country,” the Communication and Information Technology Ministry said in a statement carried by Iran’s official news agency IRNA.

The statement said the attack, which hit internet service providers and cut off web access for subscribers, was made possible by a vulnerability in routers from Cisco which had earlier issued a warning and provided a patch that some firms had failed to install over the Iranian new year holiday.

A blog published on Thursday by Nick Biasini, a threat researcher at Cisco’s Talos Security Intelligence and Research Group, said: “Several incidents in multiple countries, including some specifically targeting critical infrastructure, have involved the misuse of the Smart Install protocol…

“As a result, we are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.”

On Saturday evening, Cisco said those postings were a tool to help clients identify weaknesses and repel a cyber attack.

Iran’s IT Minister Mohammad Javad Azari-Jahromi posted a picture of a computer screen on Twitter with the image of the U.S. flag and the hackers’ message. He said it was not yet clear who had carried out the attack.

Azari-Jahromi said the attack mainly affected Europe, India and the United States, state television reported.

“Some 55,000 devices were affected in the United States and 14,000 in China, and Iran’s share of affected devices was 2 percent,” Azari-Jahromi was quoted as saying.

In a tweet, Azari-Jahromi said the state computer emergency response body MAHER had shown “weaknesses in providing information to (affected) companies” after the attack which was detected late on Friday in Iran.

Hadi Sajadi, deputy head of the state-run Information Technology Organisation of Iran, said the attack was neutralized within hours and no data was lost.

REUTERS

  • vs

    Iranian
    media reported that four citizens of the Islamic Republic of Iran died
    as a result of the bombing of the T-4 airbase in the Syrian province of
    Homs. Agency Fars calls the killed the defenders of Shiite shrines of Syria.

    Among the dead – Colonel of the Corps of the Guards of the Islamic Revolution Mahdi Dehkan Yazdli. He is said to have commanded Iranian unmanned aerial vehicles in Syria. T-4 was the main base of drones.

    The remaining victims are a representative of the pro-government
    militia Basij Mahdi and two Iranian militants: Amar Mousavi Ahvazi and
    Ahbar Janati.

    As
    reported by the Russian Defense Ministry, from 3:25 to 3:53 Moscow
    time, two F-15 Israeli Air Force aircraft struck eight guided missiles
    at Tifor airfield. They were in the airspace of Lebanon. Five missiles were intercepted, three reached the target.

    British
    journalist Gareth Brown, working for The Time, The Daily Beast and
    Telegraph, in his Twitter wrote with reference to sources among the
    military that last night the Russians left the T-4 airbase in Syria,
    shortly before the air strike