We’re back with the second episode of our “Big Four” series focused on North Korea, Iran, China, and Russia. We chose Iran for this one, and to help me explore their cyber capabilities I invited Sarah Hawley, Principal Analyst for Mandiant Threat Intelligence, and Lee Foster, Senior Manager of Information Operations Analysis.
Sarah kicked off the episode by providing an overview of Iran’s past offensive cyber activity and how these capabilities have developed over the years. Lee shared how they have also grown their usage and willingness to use information operations (IO) and how his team approaches attribution and analysis of this disinformation activity.
We then touched on drivers of Iranian cyber threat and their apparent increasing willingness to target democratic processes. Sarah also discussed Iran’s destructive activity going after industrial targets in the oil and gas sectors through password spraying and spear phishing operations.
As always, we closed out the episode with thoughts about what Sarah and Lee think we might see from Iran’s cyber operations in the coming years. Listen to hear their predictions and stay tuned for our upcoming episodes on China and Russia.
Listen to the podcast now, check out the “Big Four” episode on North Korea if you haven’t already, and then head over to our Eye on Security page for even more episodes.