Prisoner swap frees Iranian hacker

Among the seven Iranians freed in a prisoner swap between the United States and Iran over the weekend was a man accused of hacking into a Vermont-based defense firm to steal software. His case was a reminder that cyberspace has been a flashpoint in the often-tense U.S./Iran relationship.

Federal officials announced in December 2015 that Nima Golestaneh had pleaded guilty to hacking aerodynamics firm Arrow Tech Associates. According to the plea deal, he helped infiltrate Arrow Tech in October 2012 using servers that masked the identity and origin of the attackers.

Golestaneh was allegedly going after Arrow Tech's proprietary software. The firm's website says it develops software for designing and simulating guided and unguided missile projectiles.

Hackers "are not immune from the law because they hack from faraway countries that they perceive as offering a safe haven," U.S. Attorney Eric Miller said in a statement announcing the guilty plea. But any satisfaction U.S. officials took in Golestaneh's guilty plea proved short-lived because he was freed just six weeks later.

The Justice Department's indictment of foreign hackers has been a key aspect of the Obama administration's search for a deterrent in cyberspace. A department spokesman did not respond to requests for comment on the impact of Golestaneh's release.

Chinese hackers have also targeted the intellectual property of U.S. defense contractors, and the Defense Department has tried to shore up defense of its secrets via an information-sharing scheme.

Second-tier hacking

When ranking nation-states' cyber capabilities, U.S. officials often put Iran in the second tier, behind Russia and China. Director of National Intelligence James Clapper has characterized Iran and North Korea as less sophisticated than Russia and China in cyberspace but also more unpredictable.

Iranian hacks have sometimes relied more on guile than on technical feats. In one example, hackers allegedly set up a fake news site staffed by a team of fake reporters who tried to connect via social-media platforms to senior U.S. and Israeli government officials, according to a May 2014 report by iSight Partners.

Iranian hackers have also reportedly grown more capable in recent months. An April 2015 study produced by cyber intelligence firm Norse and the conservative think tank American Enterprise Institute concluded that Iran was "becoming a serious force in the malware world."

The country has been accused of sponsoring a wave of distributed denial-of-service attacks on the U.S. financial sector in 2011 and 2012, and a 2014 hack on a Las Vegas casino company.

"The Iranians are still poking around, still improving their skills, but the level of action against the U.S. appears to be under control," said James Lewis, a senior fellow at the Center for Strategic and International Studies. "DDOS against some bank isn't worth risking the nuclear deal."

The United States has reportedly conducted its own computer operations against Iran by working with Israel to develop the Stuxnet computer worm to destroy centrifuges used in Iran's nuclear program, according to multiple news reports.

Geopolitical developments can influence American and Iranian activity in cyberspace. For example, Adm. Michael Rogers, director of the National Security Agency, told Congress in September 2015 that Iranian cyberattacks on U.S. targets had declined noticeably with the intensification of nuclear negotiations between the two countries.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
